2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_sync = false,
210 .mangling_char = '~',
212 .delete_readonly = false,
213 .fake_oplocks = false,
214 .delete_veto_files = false,
215 .dos_filemode = false,
216 .dos_filetimes = true,
217 .dos_filetime_resolution = false,
218 .fake_directory_create_times = false,
219 .blocking_locks = true,
220 .inherit_permissions = false,
221 .inherit_acls = false,
222 .inherit_owner = false,
224 .use_client_driver = false,
225 .default_devmode = true,
226 .force_printername = false,
227 .nt_acl_support = true,
228 .force_unknown_acl_user = false,
229 ._use_sendfile = false,
230 .profile_acls = false,
231 .map_acl_inherit = false,
234 .acl_check_permissions = true,
235 .acl_map_full_control = true,
236 .acl_group_control = false,
237 .acl_allow_execute_always = false,
238 .change_notify = true,
239 .kernel_change_notify = true,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
261 static void set_allowed_client_auth(void);
263 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values);
264 static void free_param_opts(struct parmlist_entry **popts);
266 /* this is used to prevent lots of mallocs of size 1 */
267 static const char null_string[] = "";
273 static void string_free(char **s)
277 if (*s == null_string)
283 Set a string value, deallocating any existing space, and allocing the space
287 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
295 (*dest) = talloc_strdup(mem_ctx, src);
296 if ((*dest) == NULL) {
297 DEBUG(0,("Out of memory in string_init\n"));
304 bool lp_string_set(char **dest, const char *src) {
305 return string_set(Globals.ctx, dest, src);
308 /***************************************************************************
309 Initialise the sDefault parameter structure for the printer values.
310 ***************************************************************************/
312 void init_printer_values(TALLOC_CTX *ctx, struct loadparm_service *pService)
314 /* choose defaults depending on the type of printing */
315 switch (pService->printing) {
320 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
321 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
322 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
327 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
328 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
329 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
330 lpcfg_string_set(ctx, &pService->queuepause_command, "lpc stop '%p'");
331 lpcfg_string_set(ctx, &pService->queueresume_command, "lpc start '%p'");
332 lpcfg_string_set(ctx, &pService->lppause_command, "lpc hold '%p' %j");
333 lpcfg_string_set(ctx, &pService->lpresume_command, "lpc release '%p' %j");
338 /* set the lpq command to contain the destination printer
339 name only. This is used by cups_queue_get() */
340 lpcfg_string_set(ctx, &pService->lpq_command, "%p");
341 lpcfg_string_set(ctx, &pService->lprm_command, "");
342 lpcfg_string_set(ctx, &pService->print_command, "");
343 lpcfg_string_set(ctx, &pService->lppause_command, "");
344 lpcfg_string_set(ctx, &pService->lpresume_command, "");
345 lpcfg_string_set(ctx, &pService->queuepause_command, "");
346 lpcfg_string_set(ctx, &pService->queueresume_command, "");
351 lpcfg_string_set(ctx, &pService->lpq_command, "lpstat -o%p");
352 lpcfg_string_set(ctx, &pService->lprm_command, "cancel %p-%j");
353 lpcfg_string_set(ctx, &pService->print_command, "lp -c -d%p %s; rm %s");
354 lpcfg_string_set(ctx, &pService->queuepause_command, "disable %p");
355 lpcfg_string_set(ctx, &pService->queueresume_command, "enable %p");
357 lpcfg_string_set(ctx, &pService->lppause_command, "lp -i %p-%j -H hold");
358 lpcfg_string_set(ctx, &pService->lpresume_command, "lp -i %p-%j -H resume");
363 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P%p");
364 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P%p %j");
365 lpcfg_string_set(ctx, &pService->print_command, "lp -r -P%p %s");
368 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
373 TALLOC_CTX *tmp_ctx = talloc_new(ctx);
376 tdbfile = talloc_asprintf(
377 tmp_ctx, "tdbfile=%s",
378 lp_parm_const_string(-1, "vlp", "tdbfile",
380 if (tdbfile == NULL) {
381 tdbfile="tdbfile=/tmp/vlp.tdb";
384 tmp = talloc_asprintf(tmp_ctx, "vlp %s print %%p %%s",
386 lpcfg_string_set(ctx, &pService->print_command,
387 tmp ? tmp : "vlp print %p %s");
389 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpq %%p",
391 lpcfg_string_set(ctx, &pService->lpq_command,
392 tmp ? tmp : "vlp lpq %p");
394 tmp = talloc_asprintf(tmp_ctx, "vlp %s lprm %%p %%j",
396 lpcfg_string_set(ctx, &pService->lprm_command,
397 tmp ? tmp : "vlp lprm %p %j");
399 tmp = talloc_asprintf(tmp_ctx, "vlp %s lppause %%p %%j",
401 lpcfg_string_set(ctx, &pService->lppause_command,
402 tmp ? tmp : "vlp lppause %p %j");
404 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpresume %%p %%j",
406 lpcfg_string_set(ctx, &pService->lpresume_command,
407 tmp ? tmp : "vlp lpresume %p %j");
409 tmp = talloc_asprintf(tmp_ctx, "vlp %s queuepause %%p",
411 lpcfg_string_set(ctx, &pService->queuepause_command,
412 tmp ? tmp : "vlp queuepause %p");
414 tmp = talloc_asprintf(tmp_ctx, "vlp %s queueresume %%p",
416 lpcfg_string_set(ctx, &pService->queueresume_command,
417 tmp ? tmp : "vlp queueresume %p");
418 TALLOC_FREE(tmp_ctx);
422 #endif /* DEVELOPER */
427 * Function to return the default value for the maximum number of open
428 * file descriptors permitted. This function tries to consult the
429 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
430 * the smaller of those.
432 static int max_open_files(void)
434 int sysctl_max = MAX_OPEN_FILES;
435 int rlimit_max = MAX_OPEN_FILES;
437 #ifdef HAVE_SYSCTLBYNAME
439 size_t size = sizeof(sysctl_max);
440 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
445 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
451 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
452 rlimit_max = rl.rlim_cur;
454 #if defined(RLIM_INFINITY)
455 if(rl.rlim_cur == RLIM_INFINITY)
456 rlimit_max = MAX_OPEN_FILES;
461 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
462 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
463 "minimum Windows limit (%d)\n",
465 MIN_OPEN_FILES_WINDOWS));
466 sysctl_max = MIN_OPEN_FILES_WINDOWS;
469 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
470 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
471 "minimum Windows limit (%d)\n",
473 MIN_OPEN_FILES_WINDOWS));
474 rlimit_max = MIN_OPEN_FILES_WINDOWS;
477 return MIN(sysctl_max, rlimit_max);
481 * Common part of freeing allocated data for one parameter.
483 static void free_one_parameter_common(void *parm_ptr,
484 struct parm_struct parm)
486 if ((parm.type == P_STRING) ||
487 (parm.type == P_USTRING))
489 string_free((char**)parm_ptr);
490 } else if (parm.type == P_LIST) {
491 TALLOC_FREE(*((char***)parm_ptr));
496 * Free the allocated data for one parameter for a share
497 * given as a service struct.
499 static void free_one_parameter(struct loadparm_service *service,
500 struct parm_struct parm)
504 if (parm.p_class != P_LOCAL) {
508 parm_ptr = lp_parm_ptr(service, &parm);
510 free_one_parameter_common(parm_ptr, parm);
514 * Free the allocated parameter data of a share given
515 * as a service struct.
517 static void free_parameters(struct loadparm_service *service)
521 for (i=0; parm_table[i].label; i++) {
522 free_one_parameter(service, parm_table[i]);
527 * Free the allocated data for one parameter for a given share
528 * specified by an snum.
530 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
535 parm_ptr = lp_parm_ptr(NULL, &parm);
536 } else if (parm.p_class != P_LOCAL) {
539 parm_ptr = lp_local_ptr_by_snum(snum, &parm);
542 free_one_parameter_common(parm_ptr, parm);
546 * Free the allocated parameter data for a share specified
549 static void free_parameters_by_snum(int snum)
553 for (i=0; parm_table[i].label; i++) {
554 free_one_parameter_by_snum(snum, parm_table[i]);
559 * Free the allocated global parameters.
561 static void free_global_parameters(void)
563 free_param_opts(&Globals.param_opt);
564 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
565 TALLOC_FREE(Globals.ctx);
568 struct lp_stored_option {
569 struct lp_stored_option *prev, *next;
574 static struct lp_stored_option *stored_options;
577 save options set by lp_set_cmdline() into a list. This list is
578 re-applied when we do a globals reset, so that cmdline set options
579 are sticky across reloads of smb.conf
581 static bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
583 struct lp_stored_option *entry, *entry_next;
584 for (entry = stored_options; entry != NULL; entry = entry_next) {
585 entry_next = entry->next;
586 if (strcmp(pszParmName, entry->label) == 0) {
587 DLIST_REMOVE(stored_options, entry);
593 entry = talloc(NULL, struct lp_stored_option);
598 entry->label = talloc_strdup(entry, pszParmName);
604 entry->value = talloc_strdup(entry, pszParmValue);
610 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
615 static bool apply_lp_set_cmdline(void)
617 struct lp_stored_option *entry = NULL;
618 for (entry = stored_options; entry != NULL; entry = entry->next) {
619 if (!lp_set_cmdline_helper(entry->label, entry->value, false)) {
620 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
621 entry->label, entry->value));
628 /***************************************************************************
629 Initialise the global parameter structure.
630 ***************************************************************************/
632 static void init_globals(bool reinit_globals)
634 static bool done_init = false;
638 /* If requested to initialize only once and we've already done it... */
639 if (!reinit_globals && done_init) {
640 /* ... then we have nothing more to do */
645 /* The logfile can be set before this is invoked. Free it if so. */
646 if (Globals.logfile != NULL) {
647 string_free(&Globals.logfile);
648 Globals.logfile = NULL;
652 free_global_parameters();
655 /* This memset and the free_global_parameters() above will
656 * wipe out smb.conf options set with lp_set_cmdline(). The
657 * apply_lp_set_cmdline() call puts these values back in the
658 * table once the defaults are set */
659 ZERO_STRUCT(Globals);
661 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
663 for (i = 0; parm_table[i].label; i++) {
664 if ((parm_table[i].type == P_STRING ||
665 parm_table[i].type == P_USTRING))
667 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
672 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
673 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
675 init_printer_values(Globals.ctx, &sDefault);
677 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
679 DEBUG(3, ("Initialising global parameters\n"));
681 /* Must manually force to upper case here, as this does not go via the handler */
682 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
684 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
685 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
687 /* use the new 'hash2' method by default, with a prefix of 1 */
688 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
689 Globals.mangle_prefix = 1;
691 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
693 /* using UTF8 by default allows us to support all chars */
694 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
696 /* Use codepage 850 as a default for the dos character set */
697 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
700 * Allow the default PASSWD_CHAT to be overridden in local.h.
702 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
704 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
706 string_set(Globals.ctx, &Globals.passwd_program, "");
707 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
708 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
709 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
710 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
711 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
713 * By default support explicit binding to broadcast
716 Globals.nmbd_bind_explicit_broadcast = true;
718 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
720 smb_panic("init_globals: ENOMEM");
722 string_set(Globals.ctx, &Globals.server_string, s);
725 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
728 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
730 string_set(Globals.ctx, &Globals.logon_drive, "");
731 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
732 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
733 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
735 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
736 string_set(Globals.ctx, &Globals.password_server, "*");
738 Globals.algorithmic_rid_base = BASE_RID;
740 Globals.load_printers = true;
741 Globals.printcap_cache_time = 750; /* 12.5 minutes */
743 Globals.config_backend = config_backend;
744 Globals._server_role = ROLE_AUTO;
746 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
747 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
748 Globals.max_xmit = 0x4104;
749 Globals.max_mux = 50; /* This is *needed* for profile support. */
750 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
751 Globals._disable_spoolss = false;
752 Globals.max_smbd_processes = 0;/* no limit specified */
753 Globals.username_level = 0;
754 Globals.deadtime = 0;
755 Globals.getwd_cache = true;
756 Globals.large_readwrite = true;
757 Globals.max_log_size = 5000;
758 Globals.max_open_files = max_open_files();
759 Globals.server_max_protocol = PROTOCOL_SMB3_00;
760 Globals.server_min_protocol = PROTOCOL_LANMAN1;
761 Globals.client_max_protocol = PROTOCOL_NT1;
762 Globals.client_min_protocol = PROTOCOL_CORE;
763 Globals._security = SEC_AUTO;
764 Globals.encrypt_passwords = true;
765 Globals.client_schannel = Auto;
766 Globals.winbind_sealed_pipes = true;
767 Globals.require_strong_key = true;
768 Globals.server_schannel = Auto;
769 Globals.read_raw = true;
770 Globals.write_raw = true;
771 Globals.null_passwords = false;
772 Globals.old_password_allowed_period = 60;
773 Globals.obey_pam_restrictions = false;
775 Globals.syslog_only = false;
776 Globals.timestamp_logs = true;
777 string_set(Globals.ctx, &Globals.log_level, "0");
778 Globals.debug_prefix_timestamp = false;
779 Globals.debug_hires_timestamp = true;
780 Globals.debug_pid = false;
781 Globals.debug_uid = false;
782 Globals.debug_class = false;
783 Globals.enable_core_files = true;
784 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
785 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
786 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
787 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
788 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
789 Globals.lm_interval = 60;
790 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
791 Globals.nis_homedir = false;
792 #ifdef WITH_NISPLUS_HOME
793 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
795 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
798 Globals.time_server = false;
799 Globals.bind_interfaces_only = false;
800 Globals.unix_password_sync = false;
801 Globals.pam_password_change = false;
802 Globals.passwd_chat_debug = false;
803 Globals.passwd_chat_timeout = 2; /* 2 second default. */
804 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
805 Globals.nt_status_support = true; /* Use NT status by default. */
806 Globals.stat_cache = true; /* use stat cache by default */
807 Globals.max_stat_cache_size = 256; /* 256k by default */
808 Globals.restrict_anonymous = 0;
809 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
810 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
811 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
812 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
813 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
814 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
816 Globals.map_to_guest = 0; /* By Default, "Never" */
817 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
818 Globals.enhanced_browsing = true;
819 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
820 #ifdef MMAP_BLACKLIST
821 Globals.use_mmap = false;
823 Globals.use_mmap = true;
825 Globals.unicode = true;
826 Globals.unix_extensions = true;
827 Globals.reset_on_zero_vc = false;
828 Globals.log_writeable_files_on_exit = false;
829 Globals.create_krb5_conf = true;
830 Globals.winbindMaxDomainConnections = 1;
832 /* hostname lookups can be very expensive and are broken on
833 a large number of sites (tridge) */
834 Globals.hostname_lookups = false;
836 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
837 string_set(Globals.ctx, &Globals.ldap_suffix, "");
838 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
839 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
840 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
841 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
843 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
844 Globals.ldap_ssl = LDAP_SSL_START_TLS;
845 Globals.ldap_ssl_ads = false;
846 Globals.ldap_deref = -1;
847 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
848 Globals.ldap_delete_dn = false;
849 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
850 Globals.ldap_follow_referral = Auto;
851 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
852 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
853 Globals.ldap_page_size = LDAP_PAGE_SIZE;
855 Globals.ldap_debug_level = 0;
856 Globals.ldap_debug_threshold = 10;
858 /* This is what we tell the afs client. in reality we set the token
859 * to never expire, though, when this runs out the afs client will
860 * forget the token. Set to 0 to get NEVERDATE.*/
861 Globals.afs_token_lifetime = 604800;
862 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
864 /* these parameters are set to defaults that are more appropriate
865 for the increasing samba install base:
867 as a member of the workgroup, that will possibly become a
868 _local_ master browser (lm = true). this is opposed to a forced
869 local master browser startup (pm = true).
871 doesn't provide WINS server service by default (wsupp = false),
872 and doesn't provide domain master browser services by default, either.
876 Globals.show_add_printer_wizard = true;
877 Globals.os_level = 20;
878 Globals.local_master = true;
879 Globals._domain_master = Auto; /* depending on _domain_logons */
880 Globals._domain_logons = false;
881 Globals.browse_list = true;
882 Globals.we_are_a_wins_server = false;
883 Globals.wins_proxy = false;
885 TALLOC_FREE(Globals.init_logon_delayed_hosts);
886 Globals.init_logon_delay = 100; /* 100 ms default delay */
888 Globals.wins_dns_proxy = true;
890 Globals.allow_trusted_domains = true;
891 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
893 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
894 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
895 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
896 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
898 string_set(Globals.ctx, &Globals.cups_server, "");
899 string_set(Globals.ctx, &Globals.iprint_server, "");
901 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
903 Globals.cluster_addresses = NULL;
904 Globals.clustering = false;
905 Globals.ctdb_timeout = 0;
906 Globals.ctdb_locktime_warn_threshold = 0;
908 Globals.winbind_cache_time = 300; /* 5 minutes */
909 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
910 Globals.winbind_max_clients = 200;
911 Globals.winbind_enum_users = false;
912 Globals.winbind_enum_groups = false;
913 Globals.winbind_use_default_domain = false;
914 Globals.winbind_trusted_domains_only = false;
915 Globals.winbind_nested_groups = true;
916 Globals.winbind_expand_groups = 1;
917 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
918 Globals.winbind_refresh_tickets = false;
919 Globals.winbind_offline_logon = false;
921 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
922 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
924 Globals.passdb_expand_explicit = false;
926 Globals.name_cache_timeout = 660; /* In seconds */
928 Globals.use_spnego = true;
929 Globals.client_use_spnego = true;
931 Globals.client_signing = SMB_SIGNING_DEFAULT;
932 Globals.server_signing = SMB_SIGNING_DEFAULT;
934 Globals.defer_sharing_violations = true;
935 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
937 Globals.enable_privileges = true;
938 Globals.host_msdfs = true;
939 Globals.enable_asu_support = false;
941 /* User defined shares. */
942 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
944 smb_panic("init_globals: ENOMEM");
946 string_set(Globals.ctx, &Globals.usershare_path, s);
948 string_set(Globals.ctx, &Globals.usershare_template_share, "");
949 Globals.usershare_max_shares = 0;
950 /* By default disallow sharing of directories not owned by the sharer. */
951 Globals.usershare_owner_only = true;
952 /* By default disallow guest access to usershares. */
953 Globals.usershare_allow_guests = false;
955 Globals.keepalive = DEFAULT_KEEPALIVE;
957 /* By default no shares out of the registry */
958 Globals.registry_shares = false;
960 Globals.iminreceivefile = 0;
962 Globals.map_untrusted_to_domain = false;
963 Globals.multicast_dns_register = true;
965 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
966 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
967 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
968 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
970 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
972 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns", NULL);
974 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
976 Globals.tls_enabled = true;
978 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
979 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
980 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
982 string_set(Globals.ctx, &Globals.share_backend, "classic");
984 Globals.iPreferredMaster = Auto;
986 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
988 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
990 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
992 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
994 smb_panic("init_globals: ENOMEM");
996 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
999 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
1001 smb_panic("init_globals: ENOMEM");
1003 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1006 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
1008 smb_panic("init_globals: ENOMEM");
1010 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1013 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
1015 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
1017 Globals.cldap_port = 389;
1019 Globals.dgram_port = 138;
1021 Globals.nbt_port = 137;
1023 Globals.krb5_port = 88;
1025 Globals.kpasswd_port = 464;
1027 Globals.web_port = 901;
1029 /* Now put back the settings that were set with lp_set_cmdline() */
1030 apply_lp_set_cmdline();
1033 /*******************************************************************
1034 Convenience routine to grab string parameters into talloced memory
1035 and run standard_sub_basic on them. The buffers can be written to by
1036 callers without affecting the source string.
1037 ********************************************************************/
1039 char *lp_string(TALLOC_CTX *ctx, const char *s)
1043 /* The follow debug is useful for tracking down memory problems
1044 especially if you have an inner loop that is calling a lp_*()
1045 function that returns a string. Perhaps this debug should be
1046 present all the time? */
1049 DEBUG(10, ("lp_string(%s)\n", s));
1055 ret = talloc_sub_basic(ctx,
1056 get_current_username(),
1057 current_user_info.domain,
1059 if (trim_char(ret, '\"', '\"')) {
1060 if (strchr(ret,'\"') != NULL) {
1062 ret = talloc_sub_basic(ctx,
1063 get_current_username(),
1064 current_user_info.domain,
1072 In this section all the functions that are used to access the
1073 parameters from the rest of the program are defined
1076 #define FN_GLOBAL_STRING(fn_name,ptr) \
1077 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1078 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1079 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1080 #define FN_GLOBAL_LIST(fn_name,ptr) \
1081 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1082 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1083 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1084 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1085 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1086 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1087 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1089 #define FN_LOCAL_STRING(fn_name,val) \
1090 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1091 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1092 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1093 #define FN_LOCAL_LIST(fn_name,val) \
1094 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1095 #define FN_LOCAL_BOOL(fn_name,val) \
1096 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1097 #define FN_LOCAL_INTEGER(fn_name,val) \
1098 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1100 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1101 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1102 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1103 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1104 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1105 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1107 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1108 winbindMaxDomainConnections)
1110 int lp_winbind_max_domain_connections(void)
1112 if (lp_winbind_offline_logon() &&
1113 lp_winbind_max_domain_connections_int() > 1) {
1114 DEBUG(1, ("offline logons active, restricting max domain "
1115 "connections to 1\n"));
1118 return MAX(1, lp_winbind_max_domain_connections_int());
1121 int lp_smb2_max_credits(void)
1123 if (Globals.ismb2_max_credits == 0) {
1124 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1126 return Globals.ismb2_max_credits;
1128 int lp_cups_encrypt(void)
1131 #ifdef HAVE_HTTPCONNECTENCRYPT
1132 switch (Globals.CupsEncrypt) {
1134 result = HTTP_ENCRYPT_REQUIRED;
1137 result = HTTP_ENCRYPT_ALWAYS;
1140 result = HTTP_ENCRYPT_NEVER;
1147 /* These functions remain in source3/param for now */
1149 #include "lib/param/param_functions.c"
1151 FN_LOCAL_STRING(servicename, szService)
1152 FN_LOCAL_CONST_STRING(const_servicename, szService)
1154 /* These functions cannot be auto-generated */
1155 FN_LOCAL_BOOL(autoloaded, autoloaded)
1157 /* local prototypes */
1159 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1160 static const char *get_boolean(bool bool_value);
1161 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1163 static bool do_section(const char *pszSectionName, void *userdata);
1164 static bool hash_a_service(const char *name, int number);
1165 static void free_service_byindex(int iService);
1166 static void show_parameter(int parmIndex);
1167 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1170 * This is a helper function for parametrical options support. It returns a
1171 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1172 * parametrical functions are quite simple
1174 static struct parmlist_entry *get_parametrics_by_service(struct loadparm_service *service, const char *type,
1177 bool global_section = false;
1179 struct parmlist_entry *data;
1180 TALLOC_CTX *mem_ctx = talloc_stackframe();
1182 if (service == NULL) {
1183 data = Globals.param_opt;
1184 global_section = true;
1186 data = service->param_opt;
1189 param_key = talloc_asprintf(mem_ctx, "%s:%s", type, option);
1190 if (param_key == NULL) {
1191 DEBUG(0,("asprintf failed!\n"));
1192 TALLOC_FREE(mem_ctx);
1197 if (strwicmp(data->key, param_key) == 0) {
1198 TALLOC_FREE(mem_ctx);
1204 if (!global_section) {
1205 /* Try to fetch the same option but from globals */
1206 /* but only if we are not already working with Globals */
1207 data = Globals.param_opt;
1209 if (strwicmp(data->key, param_key) == 0) {
1210 TALLOC_FREE(mem_ctx);
1217 TALLOC_FREE(mem_ctx);
1223 * This is a helper function for parametrical options support. It returns a
1224 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1225 * parametrical functions are quite simple
1227 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1230 if (snum >= iNumServices) return NULL;
1233 return get_parametrics_by_service(NULL, type, option);
1235 return get_parametrics_by_service(ServicePtrs[snum], type, option);
1240 #define MISSING_PARAMETER(name) \
1241 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1243 /*******************************************************************
1244 convenience routine to return enum parameters.
1245 ********************************************************************/
1246 static int lp_enum(const char *s,const struct enum_list *_enum)
1250 if (!s || !*s || !_enum) {
1251 MISSING_PARAMETER(lp_enum);
1255 for (i=0; _enum[i].name; i++) {
1256 if (strequal(_enum[i].name,s))
1257 return _enum[i].value;
1260 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1264 #undef MISSING_PARAMETER
1266 /* Return parametric option from a given service. Type is a part of option before ':' */
1267 /* Parametric option has following syntax: 'Type: option = value' */
1268 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1270 struct parmlist_entry *data = get_parametrics(snum, type, option);
1272 if (data == NULL||data->value==NULL) {
1274 return lp_string(ctx, def);
1280 return lp_string(ctx, data->value);
1283 /* Return parametric option from a given service. Type is a part of option before ':' */
1284 /* Parametric option has following syntax: 'Type: option = value' */
1285 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1287 struct parmlist_entry *data = get_parametrics(snum, type, option);
1289 if (data == NULL||data->value==NULL)
1295 const char *lp_parm_const_string_service(struct loadparm_service *service,
1296 const char *type, const char *option,
1299 struct parmlist_entry *data = get_parametrics_by_service(service, type, option);
1301 if (data == NULL||data->value==NULL)
1308 /* Return parametric option from a given service. Type is a part of option before ':' */
1309 /* Parametric option has following syntax: 'Type: option = value' */
1311 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1313 struct parmlist_entry *data = get_parametrics(snum, type, option);
1315 if (data == NULL||data->value==NULL)
1316 return (const char **)def;
1318 if (data->list==NULL) {
1319 data->list = str_list_make_v3(NULL, data->value, NULL);
1322 return (const char **)data->list;
1325 /* Return parametric option from a given service. Type is a part of option before ':' */
1326 /* Parametric option has following syntax: 'Type: option = value' */
1328 int lp_parm_int(int snum, const char *type, const char *option, int def)
1330 struct parmlist_entry *data = get_parametrics(snum, type, option);
1332 if (data && data->value && *data->value)
1333 return lp_int(data->value);
1338 /* Return parametric option from a given service. Type is a part of option before ':' */
1339 /* Parametric option has following syntax: 'Type: option = value' */
1341 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1343 struct parmlist_entry *data = get_parametrics(snum, type, option);
1345 if (data && data->value && *data->value)
1346 return lp_ulong(data->value);
1351 /* Return parametric option from a given service. Type is a part of option before ':' */
1352 /* Parametric option has following syntax: 'Type: option = value' */
1354 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1356 struct parmlist_entry *data = get_parametrics(snum, type, option);
1358 if (data && data->value && *data->value)
1359 return lp_bool(data->value);
1364 /* Return parametric option from a given service. Type is a part of option before ':' */
1365 /* Parametric option has following syntax: 'Type: option = value' */
1367 int lp_parm_enum(int snum, const char *type, const char *option,
1368 const struct enum_list *_enum, int def)
1370 struct parmlist_entry *data = get_parametrics(snum, type, option);
1372 if (data && data->value && *data->value && _enum)
1373 return lp_enum(data->value, _enum);
1379 * free a param_opts structure.
1380 * param_opts handling should be moved to talloc;
1381 * then this whole functions reduces to a TALLOC_FREE().
1384 static void free_param_opts(struct parmlist_entry **popts)
1386 struct parmlist_entry *opt, *next_opt;
1388 if (*popts != NULL) {
1389 DEBUG(5, ("Freeing parametrics:\n"));
1392 while (opt != NULL) {
1393 string_free(&opt->key);
1394 string_free(&opt->value);
1395 TALLOC_FREE(opt->list);
1396 next_opt = opt->next;
1403 /***************************************************************************
1404 Free the dynamically allocated parts of a service struct.
1405 ***************************************************************************/
1407 static void free_service(struct loadparm_service *pservice)
1412 if (pservice->szService)
1413 DEBUG(5, ("free_service: Freeing service %s\n",
1414 pservice->szService));
1416 free_parameters(pservice);
1418 string_free(&pservice->szService);
1419 TALLOC_FREE(pservice->copymap);
1421 free_param_opts(&pservice->param_opt);
1423 ZERO_STRUCTP(pservice);
1427 /***************************************************************************
1428 remove a service indexed in the ServicePtrs array from the ServiceHash
1429 and free the dynamically allocated parts
1430 ***************************************************************************/
1432 static void free_service_byindex(int idx)
1434 if ( !LP_SNUM_OK(idx) )
1437 ServicePtrs[idx]->valid = false;
1439 /* we have to cleanup the hash record */
1441 if (ServicePtrs[idx]->szService) {
1442 char *canon_name = canonicalize_servicename(
1444 ServicePtrs[idx]->szService );
1446 dbwrap_delete_bystring(ServiceHash, canon_name );
1447 TALLOC_FREE(canon_name);
1450 free_service(ServicePtrs[idx]);
1451 talloc_free_children(ServicePtrs[idx]);
1454 /***************************************************************************
1455 Add a new service to the services array initialising it with the given
1457 ***************************************************************************/
1459 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1462 int num_to_alloc = iNumServices + 1;
1463 struct loadparm_service **tsp = NULL;
1465 /* it might already exist */
1467 i = getservicebyname(name, NULL);
1473 /* if not, then create one */
1475 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1477 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1481 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1482 if (!ServicePtrs[iNumServices]) {
1483 DEBUG(0,("add_a_service: out of memory!\n"));
1488 ServicePtrs[i]->valid = true;
1490 copy_service(ServicePtrs[i], pservice, NULL);
1492 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1494 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1495 i, ServicePtrs[i]->szService));
1497 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1504 /***************************************************************************
1505 Convert a string to uppercase and remove whitespaces.
1506 ***************************************************************************/
1508 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1513 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1517 result = talloc_strdup(ctx, src);
1518 SMB_ASSERT(result != NULL);
1520 if (!strlower_m(result)) {
1521 TALLOC_FREE(result);
1527 /***************************************************************************
1528 Add a name/index pair for the services array to the hash table.
1529 ***************************************************************************/
1531 static bool hash_a_service(const char *name, int idx)
1535 if ( !ServiceHash ) {
1536 DEBUG(10,("hash_a_service: creating servicehash\n"));
1537 ServiceHash = db_open_rbt(NULL);
1538 if ( !ServiceHash ) {
1539 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1544 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1547 canon_name = canonicalize_servicename(talloc_tos(), name );
1549 dbwrap_store_bystring(ServiceHash, canon_name,
1550 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1553 TALLOC_FREE(canon_name);
1558 /***************************************************************************
1559 Add a new home service, with the specified home directory, defaults coming
1561 ***************************************************************************/
1563 bool lp_add_home(const char *pszHomename, int iDefaultService,
1564 const char *user, const char *pszHomedir)
1568 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1569 pszHomedir[0] == '\0') {
1573 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1578 if (!(*(ServicePtrs[iDefaultService]->path))
1579 || strequal(ServicePtrs[iDefaultService]->path,
1580 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1581 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1584 if (!(*(ServicePtrs[i]->comment))) {
1585 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1586 if (comment == NULL) {
1589 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1590 TALLOC_FREE(comment);
1593 /* set the browseable flag from the global default */
1595 ServicePtrs[i]->browseable = sDefault.browseable;
1596 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1598 ServicePtrs[i]->autoloaded = true;
1600 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1601 user, ServicePtrs[i]->path ));
1606 /***************************************************************************
1607 Add a new service, based on an old one.
1608 ***************************************************************************/
1610 int lp_add_service(const char *pszService, int iDefaultService)
1612 if (iDefaultService < 0) {
1613 return add_a_service(&sDefault, pszService);
1616 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1619 /***************************************************************************
1620 Add the IPC service.
1621 ***************************************************************************/
1623 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1625 char *comment = NULL;
1626 int i = add_a_service(&sDefault, ipc_name);
1631 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1632 Globals.server_string);
1633 if (comment == NULL) {
1637 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1638 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1639 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1640 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1641 ServicePtrs[i]->max_connections = 0;
1642 ServicePtrs[i]->bAvailable = true;
1643 ServicePtrs[i]->read_only = true;
1644 ServicePtrs[i]->guest_only = false;
1645 ServicePtrs[i]->administrative_share = true;
1646 ServicePtrs[i]->guest_ok = guest_ok;
1647 ServicePtrs[i]->printable = false;
1648 ServicePtrs[i]->browseable = sDefault.browseable;
1650 DEBUG(3, ("adding IPC service\n"));
1652 TALLOC_FREE(comment);
1656 /***************************************************************************
1657 Add a new printer service, with defaults coming from service iFrom.
1658 ***************************************************************************/
1660 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1662 const char *comment = "From Printcap";
1663 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1668 /* note that we do NOT default the availability flag to true - */
1669 /* we take it from the default service passed. This allows all */
1670 /* dynamic printers to be disabled by disabling the [printers] */
1671 /* entry (if/when the 'available' keyword is implemented!). */
1673 /* the printer name is set to the service name. */
1674 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1675 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1677 /* set the browseable flag from the gloabl default */
1678 ServicePtrs[i]->browseable = sDefault.browseable;
1680 /* Printers cannot be read_only. */
1681 ServicePtrs[i]->read_only = false;
1682 /* No oplocks on printer services. */
1683 ServicePtrs[i]->oplocks = false;
1684 /* Printer services must be printable. */
1685 ServicePtrs[i]->printable = true;
1687 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1693 /***************************************************************************
1694 Check whether the given parameter name is valid.
1695 Parametric options (names containing a colon) are considered valid.
1696 ***************************************************************************/
1698 bool lp_parameter_is_valid(const char *pszParmName)
1700 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1701 (strchr(pszParmName, ':') != NULL));
1704 /***************************************************************************
1705 Check whether the given name is the name of a global parameter.
1706 Returns true for strings belonging to parameters of class
1707 P_GLOBAL, false for all other strings, also for parametric options
1708 and strings not belonging to any option.
1709 ***************************************************************************/
1711 bool lp_parameter_is_global(const char *pszParmName)
1713 int num = lpcfg_map_parameter(pszParmName);
1716 return (parm_table[num].p_class == P_GLOBAL);
1722 /**************************************************************************
1723 Check whether the given name is the canonical name of a parameter.
1724 Returns false if it is not a valid parameter Name.
1725 For parametric options, true is returned.
1726 **************************************************************************/
1728 bool lp_parameter_is_canonical(const char *parm_name)
1730 if (!lp_parameter_is_valid(parm_name)) {
1734 return (lpcfg_map_parameter(parm_name) ==
1735 map_parameter_canonical(parm_name, NULL));
1738 /**************************************************************************
1739 Determine the canonical name for a parameter.
1740 Indicate when it is an inverse (boolean) synonym instead of a
1742 **************************************************************************/
1744 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1749 if (!lp_parameter_is_valid(parm_name)) {
1754 num = map_parameter_canonical(parm_name, inverse);
1756 /* parametric option */
1757 *canon_parm = parm_name;
1759 *canon_parm = parm_table[num].label;
1766 /**************************************************************************
1767 Determine the canonical name for a parameter.
1768 Turn the value given into the inverse boolean expression when
1769 the synonym is an invers boolean synonym.
1771 Return true if parm_name is a valid parameter name and
1772 in case it is an invers boolean synonym, if the val string could
1773 successfully be converted to the reverse bool.
1774 Return false in all other cases.
1775 **************************************************************************/
1777 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1779 const char **canon_parm,
1780 const char **canon_val)
1785 if (!lp_parameter_is_valid(parm_name)) {
1791 num = map_parameter_canonical(parm_name, &inverse);
1793 /* parametric option */
1794 *canon_parm = parm_name;
1797 *canon_parm = parm_table[num].label;
1799 if (!lp_invert_boolean(val, canon_val)) {
1811 /***************************************************************************
1812 Map a parameter's string representation to the index of the canonical
1813 form of the parameter (it might be a synonym).
1814 Returns -1 if the parameter string is not recognised.
1815 ***************************************************************************/
1817 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1819 int parm_num, canon_num;
1820 bool loc_inverse = false;
1822 parm_num = lpcfg_map_parameter(pszParmName);
1823 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1824 /* invalid, parametric or no canidate for synonyms ... */
1828 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1829 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1830 parm_num = canon_num;
1836 if (inverse != NULL) {
1837 *inverse = loc_inverse;
1842 /***************************************************************************
1843 return true if parameter number parm1 is a synonym of parameter
1844 number parm2 (parm2 being the principal name).
1845 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1847 ***************************************************************************/
1849 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1851 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1852 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1853 (parm_table[parm1].flags & FLAG_HIDE) &&
1854 !(parm_table[parm2].flags & FLAG_HIDE))
1856 if (inverse != NULL) {
1857 if ((parm_table[parm1].type == P_BOOLREV) &&
1858 (parm_table[parm2].type == P_BOOL))
1870 /***************************************************************************
1871 Show one parameter's name, type, [values,] and flags.
1872 (helper functions for show_parameter_list)
1873 ***************************************************************************/
1875 static void show_parameter(int parmIndex)
1877 int enumIndex, flagIndex;
1882 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1883 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1885 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1886 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1888 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1889 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1890 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1892 printf("%s=%s", parm_table[parmIndex].label,
1893 type[parm_table[parmIndex].type]);
1894 if (parm_table[parmIndex].type == P_ENUM) {
1897 parm_table[parmIndex].enum_list[enumIndex].name;
1901 enumIndex ? "|" : "",
1902 parm_table[parmIndex].enum_list[enumIndex].name);
1907 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1908 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1911 flag_names[flagIndex]);
1916 /* output synonyms */
1918 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1919 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1920 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1921 parm_table[parmIndex2].label);
1922 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1924 printf(" (synonyms: ");
1929 printf("%s%s", parm_table[parmIndex2].label,
1930 inverse ? "[i]" : "");
1940 /***************************************************************************
1941 Show all parameter's name, type, [values,] and flags.
1942 ***************************************************************************/
1944 void show_parameter_list(void)
1946 int classIndex, parmIndex;
1947 const char *section_names[] = { "local", "global", NULL};
1949 for (classIndex=0; section_names[classIndex]; classIndex++) {
1950 printf("[%s]\n", section_names[classIndex]);
1951 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1952 if (parm_table[parmIndex].p_class == classIndex) {
1953 show_parameter(parmIndex);
1959 /***************************************************************************
1960 Get the standard string representation of a boolean value ("yes" or "no")
1961 ***************************************************************************/
1963 static const char *get_boolean(bool bool_value)
1965 static const char *yes_str = "yes";
1966 static const char *no_str = "no";
1968 return (bool_value ? yes_str : no_str);
1971 /***************************************************************************
1972 Provide the string of the negated boolean value associated to the boolean
1973 given as a string. Returns false if the passed string does not correctly
1974 represent a boolean.
1975 ***************************************************************************/
1977 bool lp_invert_boolean(const char *str, const char **inverse_str)
1981 if (!set_boolean(str, &val)) {
1985 *inverse_str = get_boolean(!val);
1989 /***************************************************************************
1990 Provide the canonical string representation of a boolean value given
1991 as a string. Return true on success, false if the string given does
1992 not correctly represent a boolean.
1993 ***************************************************************************/
1995 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1999 if (!set_boolean(str, &val)) {
2003 *canon_str = get_boolean(val);
2007 /***************************************************************************
2008 Find a service by name. Otherwise works like get_service.
2009 ***************************************************************************/
2011 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2018 if (ServiceHash == NULL) {
2022 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2024 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2027 if (NT_STATUS_IS_OK(status) &&
2028 (data.dptr != NULL) &&
2029 (data.dsize == sizeof(iService)))
2031 iService = *(int *)data.dptr;
2034 TALLOC_FREE(canon_name);
2036 if ((iService != -1) && (LP_SNUM_OK(iService))
2037 && (pserviceDest != NULL)) {
2038 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2044 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2045 struct loadparm_service *lp_service(const char *pszServiceName)
2047 int iService = getservicebyname(pszServiceName, NULL);
2048 if (iService == -1 || !LP_SNUM_OK(iService)) {
2051 return ServicePtrs[iService];
2054 struct loadparm_service *lp_servicebynum(int snum)
2056 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2059 return ServicePtrs[snum];
2062 struct loadparm_service *lp_default_loadparm_service()
2067 /***************************************************************************
2068 Check a service for consistency. Return false if the service is in any way
2069 incomplete or faulty, else true.
2070 ***************************************************************************/
2072 bool service_ok(int iService)
2077 if (ServicePtrs[iService]->szService[0] == '\0') {
2078 DEBUG(0, ("The following message indicates an internal error:\n"));
2079 DEBUG(0, ("No service name in service entry.\n"));
2083 /* The [printers] entry MUST be printable. I'm all for flexibility, but */
2084 /* I can't see why you'd want a non-printable printer service... */
2085 if (strwicmp(ServicePtrs[iService]->szService, PRINTERS_NAME) == 0) {
2086 if (!ServicePtrs[iService]->printable) {
2087 DEBUG(0, ("WARNING: [%s] service MUST be printable!\n",
2088 ServicePtrs[iService]->szService));
2089 ServicePtrs[iService]->printable = true;
2091 /* [printers] service must also be non-browsable. */
2092 if (ServicePtrs[iService]->browseable)
2093 ServicePtrs[iService]->browseable = false;
2096 if (ServicePtrs[iService]->path[0] == '\0' &&
2097 strwicmp(ServicePtrs[iService]->szService, HOMES_NAME) != 0 &&
2098 ServicePtrs[iService]->msdfs_proxy[0] == '\0'
2100 DEBUG(0, ("WARNING: No path in service %s - making it unavailable!\n",
2101 ServicePtrs[iService]->szService));
2102 ServicePtrs[iService]->bAvailable = false;
2105 /* If a service is flagged unavailable, log the fact at level 1. */
2106 if (!ServicePtrs[iService]->bAvailable)
2107 DEBUG(1, ("NOTE: Service %s is flagged unavailable.\n",
2108 ServicePtrs[iService]->szService));
2113 static struct smbconf_ctx *lp_smbconf_ctx(void)
2116 static struct smbconf_ctx *conf_ctx = NULL;
2118 if (conf_ctx == NULL) {
2119 err = smbconf_init(NULL, &conf_ctx, "registry:");
2120 if (!SBC_ERROR_IS_OK(err)) {
2121 DEBUG(1, ("error initializing registry configuration: "
2122 "%s\n", sbcErrorString(err)));
2130 static bool process_smbconf_service(struct smbconf_service *service)
2135 if (service == NULL) {
2139 ret = do_section(service->name, NULL);
2143 for (count = 0; count < service->num_params; count++) {
2144 ret = do_parameter(service->param_names[count],
2145 service->param_values[count],
2151 if (iServiceIndex >= 0) {
2152 return service_ok(iServiceIndex);
2158 * load a service from registry and activate it
2160 bool process_registry_service(const char *service_name)
2163 struct smbconf_service *service = NULL;
2164 TALLOC_CTX *mem_ctx = talloc_stackframe();
2165 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2168 if (conf_ctx == NULL) {
2172 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2174 if (!smbconf_share_exists(conf_ctx, service_name)) {
2176 * Registry does not contain data for this service (yet),
2177 * but make sure lp_load doesn't return false.
2183 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2184 if (!SBC_ERROR_IS_OK(err)) {
2188 ret = process_smbconf_service(service);
2194 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2197 TALLOC_FREE(mem_ctx);
2202 * process_registry_globals
2204 static bool process_registry_globals(void)
2208 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2210 ret = do_parameter("registry shares", "yes", NULL);
2215 return process_registry_service(GLOBAL_NAME);
2218 bool process_registry_shares(void)
2222 struct smbconf_service **service = NULL;
2223 uint32_t num_shares = 0;
2224 TALLOC_CTX *mem_ctx = talloc_stackframe();
2225 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2228 if (conf_ctx == NULL) {
2232 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2233 if (!SBC_ERROR_IS_OK(err)) {
2239 for (count = 0; count < num_shares; count++) {
2240 if (strequal(service[count]->name, GLOBAL_NAME)) {
2243 ret = process_smbconf_service(service[count]);
2250 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2253 TALLOC_FREE(mem_ctx);
2258 * reload those shares from registry that are already
2259 * activated in the services array.
2261 static bool reload_registry_shares(void)
2266 for (i = 0; i < iNumServices; i++) {
2271 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2275 ret = process_registry_service(ServicePtrs[i]->szService);
2286 #define MAX_INCLUDE_DEPTH 100
2288 static uint8_t include_depth;
2291 * Free the file lists
2293 static void free_file_list(void)
2295 struct file_lists *f;
2296 struct file_lists *next;
2309 * Utility function for outsiders to check if we're running on registry.
2311 bool lp_config_backend_is_registry(void)
2313 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2317 * Utility function to check if the config backend is FILE.
2319 bool lp_config_backend_is_file(void)
2321 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2324 /*******************************************************************
2325 Check if a config file has changed date.
2326 ********************************************************************/
2328 bool lp_file_list_changed(void)
2330 struct file_lists *f = file_lists;
2332 DEBUG(6, ("lp_file_list_changed()\n"));
2337 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2338 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2340 if (conf_ctx == NULL) {
2343 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2346 DEBUGADD(6, ("registry config changed\n"));
2351 n2 = talloc_sub_basic(talloc_tos(),
2352 get_current_username(),
2353 current_user_info.domain,
2358 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2359 f->name, n2, ctime(&f->modtime)));
2361 mod_time = file_modtime(n2);
2364 ((f->modtime != mod_time) ||
2365 (f->subfname == NULL) ||
2366 (strcmp(n2, f->subfname) != 0)))
2369 ("file %s modified: %s\n", n2,
2371 f->modtime = mod_time;
2372 TALLOC_FREE(f->subfname);
2373 f->subfname = talloc_strdup(f, n2);
2374 if (f->subfname == NULL) {
2375 smb_panic("talloc_strdup failed");
2389 * Initialize iconv conversion descriptors.
2391 * This is called the first time it is needed, and also called again
2392 * every time the configuration is reloaded, because the charset or
2393 * codepage might have changed.
2395 static void init_iconv(void)
2397 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2399 true, global_iconv_handle);
2402 /***************************************************************************
2403 Handle the include operation.
2404 ***************************************************************************/
2405 static bool bAllowIncludeRegistry = true;
2407 bool lp_include(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2411 if (include_depth >= MAX_INCLUDE_DEPTH) {
2412 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2417 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2418 if (!bAllowIncludeRegistry) {
2421 if (bInGlobalSection) {
2424 ret = process_registry_globals();
2428 DEBUG(1, ("\"include = registry\" only effective "
2429 "in %s section\n", GLOBAL_NAME));
2434 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2435 current_user_info.domain,
2438 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2441 string_set(Globals.ctx, ptr, fname);
2443 string_set(ServicePtrs[snum], ptr, fname);
2446 if (file_exist(fname)) {
2449 ret = pm_process(fname, do_section, do_parameter, NULL);
2455 DEBUG(2, ("Can't find include file %s\n", fname));
2460 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2462 char *config_option = NULL;
2463 const char *range = NULL;
2466 SMB_ASSERT(low != NULL);
2467 SMB_ASSERT(high != NULL);
2469 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2473 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2475 if (config_option == NULL) {
2476 DEBUG(0, ("out of memory\n"));
2480 range = lp_parm_const_string(-1, config_option, "range", NULL);
2481 if (range == NULL) {
2482 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2486 if (sscanf(range, "%u - %u", low, high) != 2) {
2487 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2488 range, domain_name));
2495 talloc_free(config_option);
2500 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2502 return lp_idmap_range("*", low, high);
2505 const char *lp_idmap_backend(const char *domain_name)
2507 char *config_option = NULL;
2508 const char *backend = NULL;
2510 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2514 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2516 if (config_option == NULL) {
2517 DEBUG(0, ("out of memory\n"));
2521 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2522 if (backend == NULL) {
2523 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2528 talloc_free(config_option);
2532 const char *lp_idmap_default_backend(void)
2534 return lp_idmap_backend("*");
2537 /***************************************************************************
2538 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2539 ***************************************************************************/
2541 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2543 const char *suffix_string;
2545 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2546 Globals.ldap_suffix );
2547 if ( !suffix_string ) {
2548 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2552 return suffix_string;
2555 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2557 if (Globals.szLdapMachineSuffix[0])
2558 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2560 return lp_string(ctx, Globals.ldap_suffix);
2563 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2565 if (Globals.szLdapUserSuffix[0])
2566 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2568 return lp_string(ctx, Globals.ldap_suffix);
2571 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2573 if (Globals.szLdapGroupSuffix[0])
2574 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2576 return lp_string(ctx, Globals.ldap_suffix);
2579 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2581 if (Globals.szLdapIdmapSuffix[0])
2582 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2584 return lp_string(ctx, Globals.ldap_suffix);
2588 return the parameter pointer for a parameter
2590 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2592 if (service == NULL) {
2593 if (parm->p_class == P_LOCAL)
2594 return (void *)(((char *)&sDefault)+parm->offset);
2595 else if (parm->p_class == P_GLOBAL)
2596 return (void *)(((char *)&Globals)+parm->offset);
2599 return (void *)(((char *)service) + parm->offset);
2603 /***************************************************************************
2604 Return the local pointer to a parameter given the service number and parameter
2605 ***************************************************************************/
2607 void *lp_local_ptr_by_snum(int snum, struct parm_struct *parm)
2609 return lp_parm_ptr(ServicePtrs[snum], parm);
2612 /***************************************************************************
2613 Process a parameter for a particular service number. If snum < 0
2614 then assume we are in the globals.
2615 ***************************************************************************/
2617 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2620 void *parm_ptr = NULL; /* where we are going to store the result */
2621 struct parmlist_entry **opt_list;
2622 TALLOC_CTX *mem_ctx;
2624 parmnum = lpcfg_map_parameter(pszParmName);
2627 if (strchr(pszParmName, ':') == NULL) {
2628 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
2634 * We've got a parametric option
2638 opt_list = &Globals.param_opt;
2639 set_param_opt(NULL, opt_list, pszParmName, pszParmValue, 0);
2641 opt_list = &ServicePtrs[snum]->param_opt;
2642 set_param_opt(ServicePtrs[snum], opt_list, pszParmName, pszParmValue, 0);
2648 /* if it's already been set by the command line, then we don't
2650 if (parm_table[parmnum].flags & FLAG_CMDLINE) {
2654 if (parm_table[parmnum].flags & FLAG_DEPRECATED) {
2655 DEBUG(1, ("WARNING: The \"%s\" option is deprecated\n",
2659 /* we might point at a service, the default service or a global */
2661 parm_ptr = lp_parm_ptr(NULL, &parm_table[parmnum]);
2663 if (parm_table[parmnum].p_class == P_GLOBAL) {
2665 ("Global parameter %s found in service section!\n",
2669 parm_ptr = lp_local_ptr_by_snum(snum, &parm_table[parmnum]);
2673 if (!ServicePtrs[snum]->copymap)
2674 init_copymap(ServicePtrs[snum]);
2676 /* this handles the aliases - set the copymap for other entries with
2677 the same data pointer */
2678 for (i = 0; parm_table[i].label; i++) {
2679 if ((parm_table[i].offset == parm_table[parmnum].offset)
2680 && (parm_table[i].p_class == parm_table[parmnum].p_class)) {
2681 bitmap_clear(ServicePtrs[snum]->copymap, i);
2684 mem_ctx = ServicePtrs[snum];
2686 mem_ctx = Globals.ctx;
2689 /* if it is a special case then go ahead */
2690 if (parm_table[parmnum].special) {
2692 struct loadparm_context *lp_ctx = loadparm_init_s3(talloc_tos(),
2693 loadparm_s3_helpers());
2694 lp_ctx->sDefault = &sDefault;
2695 lp_ctx->services = ServicePtrs;
2696 ok = parm_table[parmnum].special(lp_ctx, snum, pszParmValue,
2698 TALLOC_FREE(lp_ctx);
2703 /* now switch on the type of variable it is */
2704 switch (parm_table[parmnum].type)
2707 *(bool *)parm_ptr = lp_bool(pszParmValue);
2711 *(bool *)parm_ptr = !lp_bool(pszParmValue);
2715 *(int *)parm_ptr = lp_int(pszParmValue);
2719 *(char *)parm_ptr = *pszParmValue;
2723 i = sscanf(pszParmValue, "%o", (int *)parm_ptr);
2725 DEBUG ( 0, ("Invalid octal number %s\n", pszParmName ));
2732 if (conv_str_size_error(pszParmValue, &val)) {
2733 if (val <= INT_MAX) {
2734 *(int *)parm_ptr = (int)val;
2739 DEBUG(0,("lp_do_parameter(%s): value is not "
2740 "a valid size specifier!\n", pszParmValue));
2746 TALLOC_FREE(*((char ***)parm_ptr));
2747 *(char ***)parm_ptr = str_list_make_v3(
2748 NULL, pszParmValue, NULL);
2752 string_set(mem_ctx, (char **)parm_ptr, pszParmValue);
2757 char *upper_string = strupper_talloc(talloc_tos(),
2759 string_set(mem_ctx, (char **)parm_ptr, upper_string);
2760 TALLOC_FREE(upper_string);
2764 if (!lp_set_enum_parm(&parm_table[parmnum], pszParmValue, (int*)parm_ptr)) {
2775 /***************************************************************************
2776 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2777 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2778 ***************************************************************************/
2780 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values)
2783 parmnum = lpcfg_map_parameter(pszParmName);
2785 parm_table[parmnum].flags &= ~FLAG_CMDLINE;
2786 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2789 parm_table[parmnum].flags |= FLAG_CMDLINE;
2791 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2792 * be grouped in the table, so we don't have to search the
2795 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2796 && parm_table[i].p_class == parm_table[parmnum].p_class;
2798 parm_table[i].flags |= FLAG_CMDLINE;
2800 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2801 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2802 parm_table[i].flags |= FLAG_CMDLINE;
2806 store_lp_set_cmdline(pszParmName, pszParmValue);
2811 /* it might be parametric */
2812 if (strchr(pszParmName, ':') != NULL) {
2813 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2815 store_lp_set_cmdline(pszParmName, pszParmValue);
2820 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2824 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2826 return lp_set_cmdline_helper(pszParmName, pszParmValue, true);
2829 /***************************************************************************
2830 Process a parameter.
2831 ***************************************************************************/
2833 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2836 if (!bInGlobalSection && bGlobalOnly)
2839 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2841 return (lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2842 pszParmName, pszParmValue));
2845 /***************************************************************************
2846 Initialize any local variables in the sDefault table, after parsing a
2848 ***************************************************************************/
2850 static void init_locals(void)
2853 * We run this check once the [globals] is parsed, to force
2854 * the VFS objects and other per-share settings we need for
2855 * the standard way a AD DC is operated. We may change these
2856 * as our code evolves, which is why we force these settings.
2858 * We can't do this at the end of lp_load_ex(), as by that
2859 * point the services have been loaded and they will already
2860 * have "" as their vfs objects.
2862 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2863 const char **vfs_objects = lp_vfs_objects(-1);
2864 if (!vfs_objects || !vfs_objects[0]) {
2865 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2866 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2867 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2868 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2870 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2874 lp_do_parameter(-1, "map hidden", "no");
2875 lp_do_parameter(-1, "map system", "no");
2876 lp_do_parameter(-1, "map readonly", "no");
2877 lp_do_parameter(-1, "map archive", "no");
2878 lp_do_parameter(-1, "store dos attributes", "yes");
2882 /***************************************************************************
2883 Process a new section (service). At this stage all sections are services.
2884 Later we'll have special sections that permit server parameters to be set.
2885 Returns true on success, false on failure.
2886 ***************************************************************************/
2888 static bool do_section(const char *pszSectionName, void *userdata)
2891 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2892 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2895 /* if we were in a global section then do the local inits */
2896 if (bInGlobalSection && !isglobal)
2899 /* if we've just struck a global section, note the fact. */
2900 bInGlobalSection = isglobal;
2902 /* check for multiple global sections */
2903 if (bInGlobalSection) {
2904 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2908 if (!bInGlobalSection && bGlobalOnly)
2911 /* if we have a current service, tidy it up before moving on */
2914 if (iServiceIndex >= 0)
2915 bRetval = service_ok(iServiceIndex);
2917 /* if all is still well, move to the next record in the services array */
2919 /* We put this here to avoid an odd message order if messages are */
2920 /* issued by the post-processing of a previous section. */
2921 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2923 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2924 if (iServiceIndex < 0) {
2925 DEBUG(0, ("Failed to add a new service\n"));
2928 /* Clean all parametric options for service */
2929 /* They will be added during parsing again */
2930 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2937 /***************************************************************************
2938 Determine if a partcular base parameter is currentl set to the default value.
2939 ***************************************************************************/
2941 static bool is_default(int i)
2943 switch (parm_table[i].type) {
2946 return str_list_equal((const char * const *)parm_table[i].def.lvalue,
2947 *(const char ***)lp_parm_ptr(NULL,
2951 return strequal(parm_table[i].def.svalue,
2952 *(char **)lp_parm_ptr(NULL,
2956 return parm_table[i].def.bvalue ==
2957 *(bool *)lp_parm_ptr(NULL,
2960 return parm_table[i].def.cvalue ==
2961 *(char *)lp_parm_ptr(NULL,
2967 return parm_table[i].def.ivalue ==
2968 *(int *)lp_parm_ptr(NULL,
2976 /***************************************************************************
2977 Display the contents of the global structure.
2978 ***************************************************************************/
2980 static void dump_globals(FILE *f)
2983 struct parmlist_entry *data;
2985 fprintf(f, "[global]\n");
2987 for (i = 0; parm_table[i].label; i++)
2988 if (parm_table[i].p_class == P_GLOBAL &&
2989 !(parm_table[i].flags & FLAG_META) &&
2990 (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
2991 if (defaults_saved && is_default(i))
2993 fprintf(f, "\t%s = ", parm_table[i].label);
2994 lpcfg_print_parameter(&parm_table[i], lp_parm_ptr(NULL,
2999 if (Globals.param_opt != NULL) {
3000 data = Globals.param_opt;
3002 fprintf(f, "\t%s = %s\n", data->key, data->value);
3009 /***************************************************************************
3010 Display the contents of a single services record.
3011 ***************************************************************************/
3013 static void dump_a_service(struct loadparm_service *pService, FILE * f, bool show_defaults)
3015 return lpcfg_dump_a_service(pService, &sDefault, f, NULL, show_defaults);
3018 /***************************************************************************
3019 Display the contents of a parameter of a single services record.
3020 ***************************************************************************/
3022 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
3024 bool result = false;
3026 struct loadparm_context *lp_ctx;
3028 lp_ctx = loadparm_init_s3(talloc_tos(), loadparm_s3_helpers());
3029 if (lp_ctx == NULL) {
3034 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
3036 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
3038 TALLOC_FREE(lp_ctx);
3042 /***************************************************************************
3043 Return info about the requested parameter (given as a string).
3044 Return NULL when the string is not a valid parameter name.
3045 ***************************************************************************/
3047 struct parm_struct *lp_get_parameter(const char *param_name)
3049 int num = lpcfg_map_parameter(param_name);
3055 return &parm_table[num];
3059 /***************************************************************************
3060 Display the contents of a single copy structure.
3061 ***************************************************************************/
3062 static void dump_copy_map(bool *pcopymap)
3068 printf("\n\tNon-Copied parameters:\n");
3070 for (i = 0; parm_table[i].label; i++)
3071 if (parm_table[i].p_class == P_LOCAL &&
3072 parm_table[i].ptr && !pcopymap[i] &&
3073 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
3075 printf("\t\t%s\n", parm_table[i].label);
3080 /***************************************************************************
3081 Return TRUE if the passed service number is within range.
3082 ***************************************************************************/
3084 bool lp_snum_ok(int iService)
3086 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
3089 /***************************************************************************
3090 Auto-load some home services.
3091 ***************************************************************************/
3093 static void lp_add_auto_services(char *str)
3103 s = talloc_strdup(talloc_tos(), str);
3105 smb_panic("talloc_strdup failed");
3109 homes = lp_servicenumber(HOMES_NAME);
3111 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
3112 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
3115 if (lp_servicenumber(p) >= 0)
3118 home = get_user_home_dir(talloc_tos(), p);
3120 if (home && home[0] && homes >= 0)
3121 lp_add_home(p, homes, p, home);
3128 /***************************************************************************
3129 Auto-load one printer.
3130 ***************************************************************************/
3132 void lp_add_one_printer(const char *name, const char *comment,
3133 const char *location, void *pdata)
3135 int printers = lp_servicenumber(PRINTERS_NAME);
3138 if (lp_servicenumber(name) < 0) {
3139 lp_add_printer(name, printers);
3140 if ((i = lp_servicenumber(name)) >= 0) {
3141 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
3142 ServicePtrs[i]->autoloaded = true;
3147 /***************************************************************************
3148 Have we loaded a services file yet?
3149 ***************************************************************************/
3151 bool lp_loaded(void)
3156 /***************************************************************************
3157 Unload unused services.
3158 ***************************************************************************/
3160 void lp_killunused(struct smbd_server_connection *sconn,
3161 bool (*snumused) (struct smbd_server_connection *, int))
3164 for (i = 0; i < iNumServices; i++) {
3168 /* don't kill autoloaded or usershare services */
3169 if ( ServicePtrs[i]->autoloaded ||
3170 ServicePtrs[i]->usershare == USERSHARE_VALID) {
3174 if (!snumused || !snumused(sconn, i)) {
3175 free_service_byindex(i);
3181 * Kill all except autoloaded and usershare services - convenience wrapper
3183 void lp_kill_all_services(void)
3185 lp_killunused(NULL, NULL);
3188 /***************************************************************************
3190 ***************************************************************************/
3192 void lp_killservice(int iServiceIn)
3194 if (VALID(iServiceIn)) {
3195 free_service_byindex(iServiceIn);
3199 /***************************************************************************
3200 Save the curent values of all global and sDefault parameters into the
3201 defaults union. This allows testparm to show only the
3202 changed (ie. non-default) parameters.
3203 ***************************************************************************/
3205 static void lp_save_defaults(void)
3208 for (i = 0; parm_table[i].label; i++) {
3209 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
3210 && parm_table[i].p_class == parm_table[i - 1].p_class)
3212 switch (parm_table[i].type) {
3215 parm_table[i].def.lvalue = str_list_copy(
3216 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
3220 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
3221 if (parm_table[i].def.svalue == NULL) {
3222 smb_panic("talloc_strdup failed");
3227 parm_table[i].def.bvalue =
3228 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
3231 parm_table[i].def.cvalue =
3232 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3238 parm_table[i].def.ivalue =
3239 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3245 defaults_saved = true;
3248 /***********************************************************
3249 If we should send plaintext/LANMAN passwords in the clinet
3250 ************************************************************/
3252 static void set_allowed_client_auth(void)
3254 if (Globals.client_ntlmv2_auth) {
3255 Globals.client_lanman_auth = false;
3257 if (!Globals.client_lanman_auth) {
3258 Globals.client_plaintext_auth = false;
3262 /***************************************************************************
3264 The following code allows smbd to read a user defined share file.
3265 Yes, this is my intent. Yes, I'm comfortable with that...
3267 THE FOLLOWING IS SECURITY CRITICAL CODE.
3269 It washes your clothes, it cleans your house, it guards you while you sleep...
3270 Do not f%^k with it....
3271 ***************************************************************************/
3273 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3275 /***************************************************************************
3276 Check allowed stat state of a usershare file.
3277 Ensure we print out who is dicking with us so the admin can
3278 get their sorry ass fired.
3279 ***************************************************************************/
3281 static bool check_usershare_stat(const char *fname,
3282 const SMB_STRUCT_STAT *psbuf)
3284 if (!S_ISREG(psbuf->st_ex_mode)) {
3285 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3286 "not a regular file\n",
3287 fname, (unsigned int)psbuf->st_ex_uid ));
3291 /* Ensure this doesn't have the other write bit set. */
3292 if (psbuf->st_ex_mode & S_IWOTH) {
3293 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3294 "public write. Refusing to allow as a usershare file.\n",
3295 fname, (unsigned int)psbuf->st_ex_uid ));
3299 /* Should be 10k or less. */
3300 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3301 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3302 "too large (%u) to be a user share file.\n",
3303 fname, (unsigned int)psbuf->st_ex_uid,
3304 (unsigned int)psbuf->st_ex_size ));
3311 /***************************************************************************
3312 Parse the contents of a usershare file.
3313 ***************************************************************************/
3315 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3316 SMB_STRUCT_STAT *psbuf,
3317 const char *servicename,
3321 char **pp_sharepath,
3323 char **pp_cp_servicename,
3324 struct security_descriptor **ppsd,
3327 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3328 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3331 SMB_STRUCT_STAT sbuf;
3332 char *sharepath = NULL;
3333 char *comment = NULL;
3335 *pp_sharepath = NULL;
3338 *pallow_guest = false;
3341 return USERSHARE_MALFORMED_FILE;
3344 if (strcmp(lines[0], "#VERSION 1") == 0) {
3346 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3349 return USERSHARE_MALFORMED_FILE;
3352 return USERSHARE_BAD_VERSION;
3355 if (strncmp(lines[1], "path=", 5) != 0) {
3356 return USERSHARE_MALFORMED_PATH;
3359 sharepath = talloc_strdup(ctx, &lines[1][5]);
3361 return USERSHARE_POSIX_ERR;
3363 trim_string(sharepath, " ", " ");
3365 if (strncmp(lines[2], "comment=", 8) != 0) {
3366 return USERSHARE_MALFORMED_COMMENT_DEF;
3369 comment = talloc_strdup(ctx, &lines[2][8]);
3371 return USERSHARE_POSIX_ERR;
3373 trim_string(comment, " ", " ");
3374 trim_char(comment, '"', '"');
3376 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3377 return USERSHARE_MALFORMED_ACL_DEF;
3380 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3381 return USERSHARE_ACL_ERR;
3385 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3386 return USERSHARE_MALFORMED_ACL_DEF;
3388 if (lines[4][9] == 'y') {
3389 *pallow_guest = true;
3392 /* Backwards compatible extension to file version #2. */
3394 if (strncmp(lines[5], "sharename=", 10) != 0) {
3395 return USERSHARE_MALFORMED_SHARENAME_DEF;
3397 if (!strequal(&lines[5][10], servicename)) {
3398 return USERSHARE_BAD_SHARENAME;
3400 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3401 if (!*pp_cp_servicename) {
3402 return USERSHARE_POSIX_ERR;
3407 if (*pp_cp_servicename == NULL) {
3408 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3409 if (!*pp_cp_servicename) {
3410 return USERSHARE_POSIX_ERR;
3414 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3415 /* Path didn't change, no checks needed. */
3416 *pp_sharepath = sharepath;
3417 *pp_comment = comment;
3418 return USERSHARE_OK;
3421 /* The path *must* be absolute. */
3422 if (sharepath[0] != '/') {
3423 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3424 servicename, sharepath));
3425 return USERSHARE_PATH_NOT_ABSOLUTE;
3428 /* If there is a usershare prefix deny list ensure one of these paths
3429 doesn't match the start of the user given path. */
3430 if (prefixdenylist) {
3432 for ( i=0; prefixdenylist[i]; i++ ) {
3433 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3434 servicename, i, prefixdenylist[i], sharepath ));
3435 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3436 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3437 "usershare prefix deny list entries.\n",
3438 servicename, sharepath));
3439 return USERSHARE_PATH_IS_DENIED;
3444 /* If there is a usershare prefix allow list ensure one of these paths
3445 does match the start of the user given path. */
3447 if (prefixallowlist) {
3449 for ( i=0; prefixallowlist[i]; i++ ) {
3450 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3451 servicename, i, prefixallowlist[i], sharepath ));
3452 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3456 if (prefixallowlist[i] == NULL) {
3457 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3458 "usershare prefix allow list entries.\n",
3459 servicename, sharepath));
3460 return USERSHARE_PATH_NOT_ALLOWED;
3464 /* Ensure this is pointing to a directory. */
3465 dp = opendir(sharepath);
3468 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3469 servicename, sharepath));
3470 return USERSHARE_PATH_NOT_DIRECTORY;
3473 /* Ensure the owner of the usershare file has permission to share
3476 if (sys_stat(sharepath, &sbuf, false) == -1) {
3477 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3478 servicename, sharepath, strerror(errno) ));
3480 return USERSHARE_POSIX_ERR;
3485 if (!S_ISDIR(sbuf.st_ex_mode)) {
3486 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3487 servicename, sharepath ));
3488 return USERSHARE_PATH_NOT_DIRECTORY;
3491 /* Check if sharing is restricted to owner-only. */
3492 /* psbuf is the stat of the usershare definition file,
3493 sbuf is the stat of the target directory to be shared. */
3495 if (lp_usershare_owner_only()) {
3496 /* root can share anything. */
3497 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3498 return USERSHARE_PATH_NOT_ALLOWED;
3502 *pp_sharepath = sharepath;
3503 *pp_comment = comment;
3504 return USERSHARE_OK;
3507 /***************************************************************************
3508 Deal with a usershare file.
3511 -1 - Bad name, invalid contents.
3512 - service name already existed and not a usershare, problem
3513 with permissions to share directory etc.
3514 ***************************************************************************/
3516 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3518 SMB_STRUCT_STAT sbuf;
3519 SMB_STRUCT_STAT lsbuf;
3521 char *sharepath = NULL;
3522 char *comment = NULL;
3523 char *cp_service_name = NULL;
3524 char **lines = NULL;
3528 TALLOC_CTX *ctx = talloc_stackframe();
3529 struct security_descriptor *psd = NULL;
3530 bool guest_ok = false;
3531 char *canon_name = NULL;
3532 bool added_service = false;
3535 /* Ensure share name doesn't contain invalid characters. */
3536 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3537 DEBUG(0,("process_usershare_file: share name %s contains "
3538 "invalid characters (any of %s)\n",
3539 file_name, INVALID_SHARENAME_CHARS ));
3543 canon_name = canonicalize_servicename(ctx, file_name);
3548 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3553 /* Minimize the race condition by doing an lstat before we
3554 open and fstat. Ensure this isn't a symlink link. */
3556 if (sys_lstat(fname, &lsbuf, false) != 0) {
3557 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3558 fname, strerror(errno) ));
3562 /* This must be a regular file, not a symlink, directory or
3563 other strange filetype. */
3564 if (!check_usershare_stat(fname, &lsbuf)) {
3572 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3577 if (NT_STATUS_IS_OK(status) &&
3578 (data.dptr != NULL) &&
3579 (data.dsize == sizeof(iService))) {
3580 memcpy(&iService, data.dptr, sizeof(iService));
3584 if (iService != -1 &&
3585 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3586 &lsbuf.st_ex_mtime) == 0) {
3587 /* Nothing changed - Mark valid and return. */
3588 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3590 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3595 /* Try and open the file read only - no symlinks allowed. */
3597 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3599 fd = open(fname, O_RDONLY, 0);
3603 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3604 fname, strerror(errno) ));
3608 /* Now fstat to be *SURE* it's a regular file. */
3609 if (sys_fstat(fd, &sbuf, false) != 0) {
3611 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3612 fname, strerror(errno) ));
3616 /* Is it the same dev/inode as was lstated ? */
3617 if (!check_same_stat(&lsbuf, &sbuf)) {
3619 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3620 "Symlink spoofing going on ?\n", fname ));
3624 /* This must be a regular file, not a symlink, directory or
3625 other strange filetype. */
3626 if (!check_usershare_stat(fname, &sbuf)) {
3631 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3634 if (lines == NULL) {
3635 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3636 fname, (unsigned int)sbuf.st_ex_uid ));
3640 if (parse_usershare_file(ctx, &sbuf, file_name,
3641 iService, lines, numlines, &sharepath,
3642 &comment, &cp_service_name,
3643 &psd, &guest_ok) != USERSHARE_OK) {
3647 /* Everything ok - add the service possibly using a template. */
3649 const struct loadparm_service *sp = &sDefault;
3650 if (snum_template != -1) {
3651 sp = ServicePtrs[snum_template];
3654 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3655 DEBUG(0, ("process_usershare_file: Failed to add "
3656 "new service %s\n", cp_service_name));
3660 added_service = true;
3662 /* Read only is controlled by usershare ACL below. */
3663 ServicePtrs[iService]->read_only = false;
3666 /* Write the ACL of the new/modified share. */
3667 if (!set_share_security(canon_name, psd)) {
3668 DEBUG(0, ("process_usershare_file: Failed to set share "
3669 "security for user share %s\n",
3674 /* If from a template it may be marked invalid. */
3675 ServicePtrs[iService]->valid = true;
3677 /* Set the service as a valid usershare. */
3678 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3680 /* Set guest access. */
3681 if (lp_usershare_allow_guests()) {
3682 ServicePtrs[iService]->guest_ok = guest_ok;
3685 /* And note when it was loaded. */
3686 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3687 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3688 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3694 if (ret == -1 && iService != -1 && added_service) {
3695 lp_remove_service(iService);
3703 /***************************************************************************
3704 Checks if a usershare entry has been modified since last load.
3705 ***************************************************************************/
3707 static bool usershare_exists(int iService, struct timespec *last_mod)
3709 SMB_STRUCT_STAT lsbuf;
3710 const char *usersharepath = Globals.usershare_path;
3713 fname = talloc_asprintf(talloc_tos(),
3716 ServicePtrs[iService]->szService);
3717 if (fname == NULL) {
3721 if (sys_lstat(fname, &lsbuf, false) != 0) {
3726 if (!S_ISREG(lsbuf.st_ex_mode)) {
3732 *last_mod = lsbuf.st_ex_mtime;
3736 /***************************************************************************
3737 Load a usershare service by name. Returns a valid servicenumber or -1.
3738 ***************************************************************************/
3740 int load_usershare_service(const char *servicename)
3742 SMB_STRUCT_STAT sbuf;
3743 const char *usersharepath = Globals.usershare_path;
3744 int max_user_shares = Globals.usershare_max_shares;
3745 int snum_template = -1;
3747 if (*usersharepath == 0 || max_user_shares == 0) {
3751 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3752 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3753 usersharepath, strerror(errno) ));
3757 if (!S_ISDIR(sbuf.st_ex_mode)) {
3758 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3764 * This directory must be owned by root, and have the 't' bit set.
3765 * It also must not be writable by "other".
3769 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3771 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3773 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3774 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3779 /* Ensure the template share exists if it's set. */
3780 if (Globals.usershare_template_share[0]) {
3781 /* We can't use lp_servicenumber here as we are recommending that
3782 template shares have -valid=false set. */
3783 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3784 if (ServicePtrs[snum_template]->szService &&
3785 strequal(ServicePtrs[snum_template]->szService,
3786 Globals.usershare_template_share)) {
3791 if (snum_template == -1) {
3792 DEBUG(0,("load_usershare_service: usershare template share %s "
3793 "does not exist.\n",
3794 Globals.usershare_template_share ));
3799 return process_usershare_file(usersharepath, servicename, snum_template);
3802 /***************************************************************************
3803 Load all user defined shares from the user share directory.
3804 We only do this if we're enumerating the share list.
3805 This is the function that can delete usershares that have
3807 ***************************************************************************/
3809 int load_usershare_shares(struct smbd_server_connection *sconn,
3810 bool (*snumused) (struct smbd_server_connection *, int))
3813 SMB_STRUCT_STAT sbuf;
3815 int num_usershares = 0;
3816 int max_user_shares = Globals.usershare_max_shares;
3817 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3818 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3819 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3821 int snum_template = -1;
3822 const char *usersharepath = Globals.usershare_path;
3823 int ret = lp_numservices();
3824 TALLOC_CTX *tmp_ctx;
3826 if (max_user_shares == 0 || *usersharepath == '\0') {
3827 return lp_numservices();
3830 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3831 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3832 usersharepath, strerror(errno) ));
3837 * This directory must be owned by root, and have the 't' bit set.
3838 * It also must not be writable by "other".
3842 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3844 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3846 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3847 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3852 /* Ensure the template share exists if it's set. */
3853 if (Globals.usershare_template_share[0]) {
3854 /* We can't use lp_servicenumber here as we are recommending that
3855 template shares have -valid=false set. */
3856 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3857 if (ServicePtrs[snum_template]->szService &&
3858 strequal(ServicePtrs[snum_template]->szService,
3859 Globals.usershare_template_share)) {
3864 if (snum_template == -1) {
3865 DEBUG(0,("load_usershare_shares: usershare template share %s "
3866 "does not exist.\n",
3867 Globals.usershare_template_share ));
3872 /* Mark all existing usershares as pending delete. */
3873 for (iService = iNumServices - 1; iService >= 0; iService--) {
3874 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3875 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3879 dp = opendir(usersharepath);
3881 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3882 usersharepath, strerror(errno) ));
3886 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3888 num_dir_entries++ ) {
3890 const char *n = de->d_name;
3892 /* Ignore . and .. */
3894 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3900 /* Temporary file used when creating a share. */
3901 num_tmp_dir_entries++;
3904 /* Allow 20% tmp entries. */
3905 if (num_tmp_dir_entries > allowed_tmp_entries) {
3906 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3907 "in directory %s\n",
3908 num_tmp_dir_entries, usersharepath));
3912 r = process_usershare_file(usersharepath, n, snum_template);
3914 /* Update the services count. */
3916 if (num_usershares >= max_user_shares) {
3917 DEBUG(0,("load_usershare_shares: max user shares reached "
3918 "on file %s in directory %s\n",
3919 n, usersharepath ));
3922 } else if (r == -1) {
3923 num_bad_dir_entries++;
3926 /* Allow 20% bad entries. */
3927 if (num_bad_dir_entries > allowed_bad_entries) {
3928 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3929 "in directory %s\n",
3930 num_bad_dir_entries, usersharepath));
3934 /* Allow 20% bad entries. */
3935 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3936 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3937 "in directory %s\n",
3938 num_dir_entries, usersharepath));
3945 /* Sweep through and delete any non-refreshed usershares that are
3946 not currently in use. */
3947 tmp_ctx = talloc_stackframe();
3948 for (iService = iNumServices - 1; iService >= 0; iService--) {
3949 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3952 if (snumused && snumused(sconn, iService)) {
3956 servname = lp_servicename(tmp_ctx, iService);
3958 /* Remove from the share ACL db. */
3959 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3961 delete_share_security(servname);
3962 free_service_byindex(iService);
3965 talloc_free(tmp_ctx);
3967 return lp_numservices();
3970 /********************************************************
3971 Destroy global resources allocated in this file
3972 ********************************************************/
3974 void gfree_loadparm(void)
3980 /* Free resources allocated to services */
3982 for ( i = 0; i < iNumServices; i++ ) {
3984 free_service_byindex(i);
3988 TALLOC_FREE( ServicePtrs );
3991 /* Now release all resources allocated to global
3992 parameters and the default service */
3994 free_global_parameters();
3998 /***************************************************************************
3999 Allow client apps to specify that they are a client
4000 ***************************************************************************/
4001 static void lp_set_in_client(bool b)
4007 /***************************************************************************
4008 Determine if we're running in a client app
4009 ***************************************************************************/
4010 static bool lp_is_in_client(void)
4015 /***************************************************************************
4016 Load the services array from the services file. Return true on success,
4018 ***************************************************************************/
4020 static bool lp_load_ex(const char *pszFname,
4024 bool initialize_globals,
4025 bool allow_include_registry,
4026 bool load_all_shares)
4033 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
4035 bInGlobalSection = true;
4036 bGlobalOnly = global_only;
4037 bAllowIncludeRegistry = allow_include_registry;
4039 init_globals(initialize_globals);
4043 if (save_defaults) {
4048 if (!initialize_globals) {
4049 free_param_opts(&Globals.param_opt);
4050 apply_lp_set_cmdline();
4053 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
4055 /* We get sections first, so have to start 'behind' to make up */
4058 if (lp_config_backend_is_file()) {
4059 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
4060 current_user_info.domain,
4063 smb_panic("lp_load_ex: out of memory");
4066 add_to_file_list(NULL, &file_lists, pszFname, n2);
4068 bRetval = pm_process(n2, do_section, do_parameter, NULL);
4071 /* finish up the last section */
4072 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
4074 if (iServiceIndex >= 0) {
4075 bRetval = service_ok(iServiceIndex);
4079 if (lp_config_backend_is_registry()) {
4080 /* config backend changed to registry in config file */
4082 * We need to use this extra global variable here to
4083 * survive restart: init_globals uses this as a default
4084 * for config_backend. Otherwise, init_globals would
4085 * send us into an endless loop here.
4087 config_backend = CONFIG_BACKEND_REGISTRY;
4089 DEBUG(1, ("lp_load_ex: changing to config backend "
4092 lp_kill_all_services();
4093 return lp_load_ex(pszFname, global_only, save_defaults,
4094 add_ipc, initialize_globals,
4095 allow_include_registry,
4098 } else if (lp_config_backend_is_registry()) {
4099 bRetval = process_registry_globals();
4101 DEBUG(0, ("Illegal config backend given: %d\n",
4102 lp_config_backend()));
4106 if (bRetval && lp_registry_shares()) {
4107 if (load_all_shares) {
4108 bRetval = process_registry_shares();
4110 bRetval = reload_registry_shares();
4115 char *serv = lp_auto_services(talloc_tos());
4116 lp_add_auto_services(serv);
4121 /* When 'restrict anonymous = 2' guest connections to ipc$
4123 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
4124 if ( lp_enable_asu_support() ) {
4125 lp_add_ipc("ADMIN$", false);
4129 set_allowed_client_auth();
4131 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
4132 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
4133 lp_password_server()));
4138 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
4139 /* if we_are_a_wins_server is true and we are in the client */
4140 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
4141 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
4146 fault_configure(smb_panic_s3);
4149 * We run this check once the whole smb.conf is parsed, to
4150 * force some settings for the standard way a AD DC is
4151 * operated. We may changed these as our code evolves, which
4152 * is why we force these settings.
4154 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
4155 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
4157 lp_do_parameter(-1, "rpc_server:default", "external");
4158 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
4159 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
4160 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
4161 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
4162 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
4163 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
4164 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
4165 lp_do_parameter(-1, "rpc_server:tcpip", "no");
4168 bAllowIncludeRegistry = true;
4173 bool lp_load(const char *pszFname,
4177 bool initialize_globals)
4179 return lp_load_ex(pszFname,
4184 true, /* allow_include_registry */
4185 false); /* load_all_shares*/
4188 bool lp_load_initial_only(const char *pszFname)
4190 return lp_load_ex(pszFname,
4191 true, /* global only */
4192 false, /* save_defaults */
4193 false, /* add_ipc */
4194 true, /* initialize_globals */
4195 false, /* allow_include_registry */
4196 false); /* load_all_shares*/
4200 * most common lp_load wrapper, loading only the globals
4202 bool lp_load_global(const char *file_name)
4204 return lp_load_ex(file_name,
4205 true, /* global_only */
4206 false, /* save_defaults */
4207 false, /* add_ipc */
4208 true, /* initialize_globals */
4209 true, /* allow_include_registry */
4210 false); /* load_all_shares*/
4214 * lp_load wrapper, especially for clients
4216 bool lp_load_client(const char *file_name)
4218 lp_set_in_client(true);
4220 return lp_load_global(file_name);
4224 * lp_load wrapper, loading only globals, but intended
4225 * for subsequent calls, not reinitializing the globals
4228 bool lp_load_global_no_reinit(const char *file_name)
4230 return lp_load_ex(file_name,
4231 true, /* global_only */
4232 false, /* save_defaults */
4233 false, /* add_ipc */
4234 false, /* initialize_globals */
4235 true, /* allow_include_registry */
4236 false); /* load_all_shares*/
4240 * lp_load wrapper, especially for clients, no reinitialization
4242 bool lp_load_client_no_reinit(const char *file_name)
4244 lp_set_in_client(true);
4246 return lp_load_global_no_reinit(file_name);
4249 bool lp_load_with_registry_shares(const char *pszFname,
4253 bool initialize_globals)
4255 return lp_load_ex(pszFname,
4260 true, /* allow_include_registry */
4261 true); /* load_all_shares*/
4264 /***************************************************************************
4265 Return the max number of services.
4266 ***************************************************************************/
4268 int lp_numservices(void)
4270 return (iNumServices);
4273 /***************************************************************************
4274 Display the contents of the services array in human-readable form.
4275 ***************************************************************************/
4277 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4282 defaults_saved = false;
4286 dump_a_service(&sDefault, f, show_defaults);
4288 for (iService = 0; iService < maxtoprint; iService++) {
4290 lp_dump_one(f, show_defaults, iService);
4294 /***************************************************************************
4295 Display the contents of one service in human-readable form.
4296 ***************************************************************************/
4298 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4301 if (ServicePtrs[snum]->szService[0] == '\0')
4303 dump_a_service(ServicePtrs[snum], f, show_defaults);
4307 /***************************************************************************
4308 Return the number of the service with the given name, or -1 if it doesn't
4309 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4310 getservicebyname()! This works ONLY if all services have been loaded, and
4311 does not copy the found service.
4312 ***************************************************************************/
4314 int lp_servicenumber(const char *pszServiceName)
4317 fstring serviceName;
4319 if (!pszServiceName) {
4320 return GLOBAL_SECTION_SNUM;
4323 for (iService = iNumServices - 1; iService >= 0; iService--) {
4324 if (VALID(iService) && ServicePtrs[iService]->szService) {
4326 * The substitution here is used to support %U is
4329 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4330 standard_sub_basic(get_current_username(),
4331 current_user_info.domain,
4332 serviceName,sizeof(serviceName));
4333 if (strequal(serviceName, pszServiceName)) {
4339 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4340 struct timespec last_mod;
4342 if (!usershare_exists(iService, &last_mod)) {
4343 /* Remove the share security tdb entry for it. */
4344 delete_share_security(lp_servicename(talloc_tos(), iService));
4345 /* Remove it from the array. */
4346 free_service_byindex(iService);
4347 /* Doesn't exist anymore. */
4348 return GLOBAL_SECTION_SNUM;
4351 /* Has it been modified ? If so delete and reload. */
4352 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4354 /* Remove it from the array. */
4355 free_service_byindex(iService);
4356 /* and now reload it. */
4357 iService = load_usershare_service(pszServiceName);
4362 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4363 return GLOBAL_SECTION_SNUM;
4369 /*******************************************************************
4370 A useful volume label function.
4371 ********************************************************************/
4373 const char *volume_label(TALLOC_CTX *ctx, int snum)
4376 const char *label = lp_volume(ctx, snum);
4378 label = lp_servicename(ctx, snum);
4381 /* This returns a 33 byte guarenteed null terminated string. */
4382 ret = talloc_strndup(ctx, label, 32);
4389 /*******************************************************************
4390 Get the default server type we will announce as via nmbd.
4391 ********************************************************************/
4393 int lp_default_server_announce(void)
4395 int default_server_announce = 0;
4396 default_server_announce |= SV_TYPE_WORKSTATION;
4397 default_server_announce |= SV_TYPE_SERVER;
4398 default_server_announce |= SV_TYPE_SERVER_UNIX;
4400 /* note that the flag should be set only if we have a
4401 printer service but nmbd doesn't actually load the
4402 services so we can't tell --jerry */
4404 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4406 default_server_announce |= SV_TYPE_SERVER_NT;
4407 default_server_announce |= SV_TYPE_NT;
4409 switch (lp_server_role()) {
4410 case ROLE_DOMAIN_MEMBER:
4411 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4413 case ROLE_DOMAIN_PDC:
4414 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4416 case ROLE_DOMAIN_BDC:
4417 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4419 case ROLE_STANDALONE:
4423 if (lp_time_server())
4424 default_server_announce |= SV_TYPE_TIME_SOURCE;
4426 if (lp_host_msdfs())
4427 default_server_announce |= SV_TYPE_DFS_SERVER;
4429 return default_server_announce;
4432 /***********************************************************
4433 If we are PDC then prefer us as DMB
4434 ************************************************************/
4436 bool lp_domain_master(void)
4438 if (Globals._domain_master == Auto)
4439 return (lp_server_role() == ROLE_DOMAIN_PDC);
4441 return (bool)Globals._domain_master;
4444 /***********************************************************
4445 If we are PDC then prefer us as DMB
4446 ************************************************************/
4448 static bool lp_domain_master_true_or_auto(void)
4450 if (Globals._domain_master) /* auto or yes */
4456 /***********************************************************
4457 If we are DMB then prefer us as LMB
4458 ************************************************************/
4460 bool lp_preferred_master(void)
4462 if (Globals.iPreferredMaster == Auto)
4463 return (lp_local_master() && lp_domain_master());
4465 return (bool)Globals.iPreferredMaster;
4468 /*******************************************************************
4470 ********************************************************************/
4472 void lp_remove_service(int snum)
4474 ServicePtrs[snum]->valid = false;
4477 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4479 const char *ret = lp__printername(ctx, snum);
4480 if (ret == NULL || *ret == '\0') {
4481 ret = lp_const_servicename(snum);
4488 /***********************************************************
4489 Allow daemons such as winbindd to fix their logfile name.
4490 ************************************************************/
4492 void lp_set_logfile(const char *name)
4494 string_set(Globals.ctx, &Globals.logfile, name);
4495 debug_set_logfile(name);
4498 /*******************************************************************
4499 Return the max print jobs per queue.
4500 ********************************************************************/
4502 int lp_maxprintjobs(int snum)
4504 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4505 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4506 maxjobs = PRINT_MAX_JOBID - 1;
4511 const char *lp_printcapname(void)
4513 if ((Globals.szPrintcapname != NULL) &&
4514 (Globals.szPrintcapname[0] != '\0'))
4515 return Globals.szPrintcapname;
4517 if (sDefault.printing == PRINT_CUPS) {
4521 if (sDefault.printing == PRINT_BSD)
4522 return "/etc/printcap";
4524 return PRINTCAP_NAME;
4527 static uint32 spoolss_state;
4529 bool lp_disable_spoolss( void )
4531 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4532 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4534 return spoolss_state == SVCCTL_STOPPED ? true : false;
4537 void lp_set_spoolss_state( uint32 state )
4539 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4541 spoolss_state = state;
4544 uint32 lp_get_spoolss_state( void )
4546 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4549 /*******************************************************************
4550 Ensure we don't use sendfile if server smb signing is active.
4551 ********************************************************************/
4553 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4555 bool sign_active = false;
4557 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4558 if (get_Protocol() < PROTOCOL_NT1) {
4561 if (signing_state) {
4562 sign_active = smb_signing_is_active(signing_state);
4564 return (lp__use_sendfile(snum) &&
4565 (get_remote_arch() != RA_WIN95) &&
4569 /*******************************************************************
4570 Turn off sendfile if we find the underlying OS doesn't support it.
4571 ********************************************************************/
4573 void set_use_sendfile(int snum, bool val)
4575 if (LP_SNUM_OK(snum))
4576 ServicePtrs[snum]->_use_sendfile = val;
4578 sDefault._use_sendfile = val;
4581 /*******************************************************************
4582 Turn off storing DOS attributes if this share doesn't support it.
4583 ********************************************************************/
4585 void set_store_dos_attributes(int snum, bool val)
4587 if (!LP_SNUM_OK(snum))
4589 ServicePtrs[(snum)]->store_dos_attributes = val;
4592 void lp_set_mangling_method(const char *new_method)
4594 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4597 /*******************************************************************
4598 Global state for POSIX pathname processing.
4599 ********************************************************************/
4601 static bool posix_pathnames;
4603 bool lp_posix_pathnames(void)
4605 return posix_pathnames;
4608 /*******************************************************************
4609 Change everything needed to ensure POSIX pathname processing (currently
4611 ********************************************************************/
4613 void lp_set_posix_pathnames(void)
4615 posix_pathnames = true;
4618 /*******************************************************************
4619 Global state for POSIX lock processing - CIFS unix extensions.
4620 ********************************************************************/
4622 bool posix_default_lock_was_set;
4623 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4625 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4627 if (posix_default_lock_was_set) {
4628 return posix_cifsx_locktype;
4630 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4634 /*******************************************************************
4635 ********************************************************************/
4637 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4639 posix_default_lock_was_set = true;
4640 posix_cifsx_locktype = val;
4643 int lp_min_receive_file_size(void)
4645 if (Globals.iminreceivefile < 0) {
4648 return Globals.iminreceivefile;
4651 /*******************************************************************
4652 Safe wide links checks.
4653 This helper function always verify the validity of wide links,
4654 even after a configuration file reload.
4655 ********************************************************************/
4657 static bool lp_widelinks_internal(int snum)
4659 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4660 sDefault.bWidelinks);
4663 void widelinks_warning(int snum)
4665 if (lp_allow_insecure_wide_links()) {
4669 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4670 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4671 "These parameters are incompatible. "
4672 "Wide links will be disabled for this share.\n",
4673 lp_servicename(talloc_tos(), snum) ));
4677 bool lp_widelinks(int snum)
4679 /* wide links is always incompatible with unix extensions */
4680 if (lp_unix_extensions()) {
4682 * Unless we have "allow insecure widelinks"
4685 if (!lp_allow_insecure_wide_links()) {
4690 return lp_widelinks_internal(snum);
4693 int lp_server_role(void)
4695 return lp_find_server_role(lp__server_role(),
4697 lp__domain_logons(),
4698 lp_domain_master_true_or_auto());
4701 int lp_security(void)
4703 return lp_find_security(lp__server_role(),
4707 struct loadparm_global * get_globals(void)