2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
81 extern userdom_struct current_user_info;
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
94 static int config_backend = CONFIG_BACKEND_FILE;
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = MANGLED_NAMES_YES,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
273 static int max_open_files(void)
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
278 #ifdef HAVE_SYSCTLBYNAME
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
318 return MIN(sysctl_max, rlimit_max);
322 * Common part of freeing allocated data for one parameter.
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
345 if (parm.p_class != P_LOCAL) {
349 parm_ptr = lp_parm_ptr(service, &parm);
351 free_one_parameter_common(parm_ptr, parm);
355 * Free the allocated parameter data of a share given
356 * as a service struct.
358 static void free_parameters(struct loadparm_service *service)
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
383 free_one_parameter_common(parm_ptr, parm);
387 * Free the allocated parameter data for a share specified
390 static void free_parameters_by_snum(int snum)
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
400 * Free the allocated global parameters.
402 static void free_global_parameters(void)
405 struct parm_struct *parm;
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
423 TALLOC_FREE(Globals.ctx);
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
432 static struct lp_stored_option *stored_options;
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
451 entry = talloc(NULL, struct lp_stored_option);
456 entry->label = talloc_strdup(entry, pszParmName);
462 entry->value = talloc_strdup(entry, pszParmValue);
468 DLIST_ADD_END(stored_options, entry);
473 static bool apply_lp_set_cmdline(void)
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
492 static bool done_init = false;
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
507 free_global_parameters();
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
542 DEBUG(3, ("Initialising global parameters\n"));
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
587 * By default support explicit binding to broadcast
590 Globals.nmbd_bind_explicit_broadcast = true;
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
594 smb_panic("init_globals: ENOMEM");
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
612 Globals.name_resolve_order =
613 str_list_make_v3_const(Globals.ctx,
614 DEFAULT_NAME_RESOLVE_ORDER,
616 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
618 Globals.algorithmic_rid_base = BASE_RID;
620 Globals.load_printers = true;
621 Globals.printcap_cache_time = 750; /* 12.5 minutes */
623 Globals.config_backend = config_backend;
624 Globals._server_role = ROLE_AUTO;
626 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
627 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
628 Globals.max_xmit = 0x4104;
629 Globals.max_mux = 50; /* This is *needed* for profile support. */
630 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
631 Globals._disable_spoolss = false;
632 Globals.max_smbd_processes = 0;/* no limit specified */
633 Globals.username_level = 0;
634 Globals.deadtime = 0;
635 Globals.getwd_cache = true;
636 Globals.large_readwrite = true;
637 Globals.max_log_size = 5000;
638 Globals.max_open_files = max_open_files();
639 Globals.server_max_protocol = PROTOCOL_SMB3_11;
640 Globals.server_min_protocol = PROTOCOL_LANMAN1;
641 Globals._client_max_protocol = PROTOCOL_DEFAULT;
642 Globals.client_min_protocol = PROTOCOL_CORE;
643 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
644 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
645 Globals._security = SEC_AUTO;
646 Globals.encrypt_passwords = true;
647 Globals.client_schannel = Auto;
648 Globals.winbind_sealed_pipes = true;
649 Globals.require_strong_key = true;
650 Globals.server_schannel = Auto;
651 Globals.read_raw = true;
652 Globals.write_raw = true;
653 Globals.null_passwords = false;
654 Globals.old_password_allowed_period = 60;
655 Globals.obey_pam_restrictions = false;
657 Globals.syslog_only = false;
658 Globals.timestamp_logs = true;
659 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
660 Globals.debug_prefix_timestamp = false;
661 Globals.debug_hires_timestamp = true;
662 Globals.debug_pid = false;
663 Globals.debug_uid = false;
664 Globals.debug_class = false;
665 Globals.enable_core_files = true;
666 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
667 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
668 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
669 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
670 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
671 Globals.lm_interval = 60;
672 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
673 Globals.nis_homedir = false;
674 #ifdef WITH_NISPLUS_HOME
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
676 "auto_home.org_dir");
678 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
681 Globals.time_server = false;
682 Globals.bind_interfaces_only = false;
683 Globals.unix_password_sync = false;
684 Globals.pam_password_change = false;
685 Globals.passwd_chat_debug = false;
686 Globals.passwd_chat_timeout = 2; /* 2 second default. */
687 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
688 Globals.nt_status_support = true; /* Use NT status by default. */
689 Globals.smbd_profiling_level = 0;
690 Globals.stat_cache = true; /* use stat cache by default */
691 Globals.max_stat_cache_size = 256; /* 256k by default */
692 Globals.restrict_anonymous = 0;
693 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
694 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
695 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
696 Globals.ntlm_auth = false; /* Do NOT use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
697 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
698 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
699 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
701 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
703 Globals.map_to_guest = 0; /* By Default, "Never" */
704 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
705 Globals.enhanced_browsing = true;
706 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
707 #ifdef MMAP_BLACKLIST
708 Globals.use_mmap = false;
710 Globals.use_mmap = true;
712 Globals.unicode = true;
713 Globals.unix_extensions = true;
714 Globals.reset_on_zero_vc = false;
715 Globals.log_writeable_files_on_exit = false;
716 Globals.create_krb5_conf = true;
717 Globals.include_system_krb5_conf = true;
718 Globals._winbind_max_domain_connections = 1;
720 /* hostname lookups can be very expensive and are broken on
721 a large number of sites (tridge) */
722 Globals.hostname_lookups = false;
724 Globals.change_notify = true,
725 Globals.kernel_change_notify = true,
727 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
728 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
729 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
730 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
731 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
732 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
734 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
735 Globals.ldap_ssl = LDAP_SSL_START_TLS;
736 Globals.ldap_ssl_ads = false;
737 Globals.ldap_deref = -1;
738 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
739 Globals.ldap_delete_dn = false;
740 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
741 Globals.ldap_follow_referral = Auto;
742 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
743 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
744 Globals.ldap_page_size = LDAP_PAGE_SIZE;
746 Globals.ldap_debug_level = 0;
747 Globals.ldap_debug_threshold = 10;
749 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
751 Globals.ldap_server_require_strong_auth =
752 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
754 /* This is what we tell the afs client. in reality we set the token
755 * to never expire, though, when this runs out the afs client will
756 * forget the token. Set to 0 to get NEVERDATE.*/
757 Globals.afs_token_lifetime = 604800;
758 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
760 /* these parameters are set to defaults that are more appropriate
761 for the increasing samba install base:
763 as a member of the workgroup, that will possibly become a
764 _local_ master browser (lm = true). this is opposed to a forced
765 local master browser startup (pm = true).
767 doesn't provide WINS server service by default (wsupp = false),
768 and doesn't provide domain master browser services by default, either.
772 Globals.show_add_printer_wizard = true;
773 Globals.os_level = 20;
774 Globals.local_master = true;
775 Globals._domain_master = Auto; /* depending on _domain_logons */
776 Globals._domain_logons = false;
777 Globals.browse_list = true;
778 Globals.we_are_a_wins_server = false;
779 Globals.wins_proxy = false;
781 TALLOC_FREE(Globals.init_logon_delayed_hosts);
782 Globals.init_logon_delay = 100; /* 100 ms default delay */
784 Globals.wins_dns_proxy = true;
786 Globals.allow_trusted_domains = true;
787 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
789 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
790 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
792 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
793 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
794 dyn_WINBINDD_SOCKET_DIR);
796 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
797 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
799 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
801 Globals.cluster_addresses = NULL;
802 Globals.clustering = false;
803 Globals.ctdb_timeout = 0;
804 Globals.ctdb_locktime_warn_threshold = 0;
806 Globals.winbind_cache_time = 300; /* 5 minutes */
807 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
808 Globals.winbind_request_timeout = 60; /* 60 seconds */
809 Globals.winbind_max_clients = 200;
810 Globals.winbind_enum_users = false;
811 Globals.winbind_enum_groups = false;
812 Globals.winbind_use_default_domain = false;
813 Globals.winbind_trusted_domains_only = false;
814 Globals.winbind_nested_groups = true;
815 Globals.winbind_expand_groups = 0;
816 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
817 Globals.winbind_refresh_tickets = false;
818 Globals.winbind_offline_logon = false;
820 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
821 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
823 Globals.passdb_expand_explicit = false;
825 Globals.name_cache_timeout = 660; /* In seconds */
827 Globals.use_spnego = true;
828 Globals.client_use_spnego = true;
830 Globals.client_signing = SMB_SIGNING_DEFAULT;
831 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
832 Globals.server_signing = SMB_SIGNING_DEFAULT;
834 Globals.defer_sharing_violations = true;
835 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
837 Globals.enable_privileges = true;
838 Globals.host_msdfs = true;
839 Globals.enable_asu_support = false;
841 /* User defined shares. */
842 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
844 smb_panic("init_globals: ENOMEM");
846 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
848 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
849 Globals.usershare_max_shares = 0;
850 /* By default disallow sharing of directories not owned by the sharer. */
851 Globals.usershare_owner_only = true;
852 /* By default disallow guest access to usershares. */
853 Globals.usershare_allow_guests = false;
855 Globals.keepalive = DEFAULT_KEEPALIVE;
857 /* By default no shares out of the registry */
858 Globals.registry_shares = false;
860 Globals.min_receivefile_size = 0;
862 Globals.map_untrusted_to_domain = Auto;
863 Globals.multicast_dns_register = true;
865 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
866 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
867 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
868 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
869 Globals.smb2_leases = true;
871 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
872 get_dyn_NCALRPCDIR());
874 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
876 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
878 Globals.tls_enabled = true;
879 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
881 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
882 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
883 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
884 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
885 "NORMAL:-VERS-SSL3.0");
887 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
889 Globals._preferred_master = Auto;
891 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
893 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
894 get_dyn_NTP_SIGND_SOCKET_DIR());
896 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
898 smb_panic("init_globals: ENOMEM");
900 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
904 Globals.mit_kdc_command = str_list_make_v3_const(NULL, MIT_KDC_PATH, NULL);
907 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
909 smb_panic("init_globals: ENOMEM");
911 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
914 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
916 smb_panic("init_globals: ENOMEM");
918 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
921 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
923 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
925 Globals.cldap_port = 389;
927 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
929 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
931 Globals.krb5_port = 88;
933 Globals.kpasswd_port = 464;
935 Globals.web_port = 901;
937 Globals.aio_max_threads = 100;
939 lpcfg_string_set(Globals.ctx,
940 &Globals.rpc_server_dynamic_port_range,
942 Globals.rpc_low_port = SERVER_TCP_LOW_PORT;
943 Globals.rpc_high_port = SERVER_TCP_HIGH_PORT;
945 /* Now put back the settings that were set with lp_set_cmdline() */
946 apply_lp_set_cmdline();
949 /* Convenience routine to setup an lp_context with additional s3 variables */
950 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
952 struct loadparm_context *lp_ctx;
954 lp_ctx = loadparm_init_s3(mem_ctx,
955 loadparm_s3_helpers());
956 if (lp_ctx == NULL) {
957 DEBUG(0, ("loadparm_init_s3 failed\n"));
961 lp_ctx->sDefault = &sDefault;
962 lp_ctx->services = NULL; /* We do not want to access this directly */
963 lp_ctx->bInGlobalSection = bInGlobalSection;
964 lp_ctx->flags = flags_list;
969 /*******************************************************************
970 Convenience routine to grab string parameters into talloced memory
971 and run standard_sub_basic on them. The buffers can be written to by
972 callers without affecting the source string.
973 ********************************************************************/
975 char *lp_string(TALLOC_CTX *ctx, const char *s)
979 /* The follow debug is useful for tracking down memory problems
980 especially if you have an inner loop that is calling a lp_*()
981 function that returns a string. Perhaps this debug should be
982 present all the time? */
985 DEBUG(10, ("lp_string(%s)\n", s));
991 ret = talloc_sub_basic(ctx,
992 get_current_username(),
993 current_user_info.domain,
995 if (trim_char(ret, '\"', '\"')) {
996 if (strchr(ret,'\"') != NULL) {
998 ret = talloc_sub_basic(ctx,
999 get_current_username(),
1000 current_user_info.domain,
1008 In this section all the functions that are used to access the
1009 parameters from the rest of the program are defined
1012 #define FN_GLOBAL_STRING(fn_name,ptr) \
1013 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1014 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1015 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1016 #define FN_GLOBAL_LIST(fn_name,ptr) \
1017 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1018 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1019 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1020 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1021 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1022 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1023 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1025 #define FN_LOCAL_STRING(fn_name,val) \
1026 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1027 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1028 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1029 #define FN_LOCAL_LIST(fn_name,val) \
1030 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1031 #define FN_LOCAL_BOOL(fn_name,val) \
1032 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1033 #define FN_LOCAL_INTEGER(fn_name,val) \
1034 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1036 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1037 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1038 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1039 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1040 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1041 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1043 int lp_winbind_max_domain_connections(void)
1045 if (lp_winbind_offline_logon() &&
1046 lp__winbind_max_domain_connections() > 1) {
1047 DEBUG(1, ("offline logons active, restricting max domain "
1048 "connections to 1\n"));
1051 return MAX(1, lp__winbind_max_domain_connections());
1054 /* These functions remain in source3/param for now */
1056 #include "lib/param/param_functions.c"
1058 FN_LOCAL_STRING(servicename, szService)
1059 FN_LOCAL_CONST_STRING(const_servicename, szService)
1061 /* These functions cannot be auto-generated */
1062 FN_LOCAL_BOOL(autoloaded, autoloaded)
1063 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1065 /* local prototypes */
1067 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1068 static const char *get_boolean(bool bool_value);
1069 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1071 static bool hash_a_service(const char *name, int number);
1072 static void free_service_byindex(int iService);
1073 static void show_parameter(int parmIndex);
1074 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1075 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val);
1078 * This is a helper function for parametrical options support. It returns a
1079 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1080 * parametrical functions are quite simple
1082 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1085 if (snum >= iNumServices) return NULL;
1088 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1090 return get_parametric_helper(ServicePtrs[snum],
1091 type, option, Globals.param_opt);
1095 static void discard_whitespace(char *str)
1097 size_t len = strlen(str);
1101 if (isspace(str[i])) {
1102 memmove(&str[i], &str[i+1], len-i);
1111 * @brief Go through all global parametric parameters
1113 * @param regex_str A regular expression to scan param for
1114 * @param max_matches Max number of submatches the regexp expects
1115 * @param cb Function to call on match. Should return true
1116 * when it wants wi_scan_global_parametrics to stop
1118 * @param private_data Anonymous pointer passed to cb
1120 * @return 0: success, regcomp/regexec return value on error.
1121 * See "man regexec" for possible errors
1124 int lp_wi_scan_global_parametrics(
1125 const char *regex_str, size_t max_matches,
1126 bool (*cb)(const char *string, regmatch_t matches[],
1127 void *private_data),
1130 struct parmlist_entry *data;
1134 ret = regcomp(®ex, regex_str, REG_ICASE);
1139 for (data = Globals.param_opt; data != NULL; data = data->next) {
1140 size_t keylen = strlen(data->key);
1142 regmatch_t matches[max_matches];
1145 memcpy(key, data->key, sizeof(key));
1146 discard_whitespace(key);
1148 ret = regexec(®ex, key, max_matches, matches, 0);
1149 if (ret == REG_NOMATCH) {
1156 stop = cb(key, matches, private_data);
1169 #define MISSING_PARAMETER(name) \
1170 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1172 /*******************************************************************
1173 convenience routine to return enum parameters.
1174 ********************************************************************/
1175 static int lp_enum(const char *s,const struct enum_list *_enum)
1179 if (!s || !*s || !_enum) {
1180 MISSING_PARAMETER(lp_enum);
1184 for (i=0; _enum[i].name; i++) {
1185 if (strequal(_enum[i].name,s))
1186 return _enum[i].value;
1189 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1193 #undef MISSING_PARAMETER
1195 /* Return parametric option from a given service. Type is a part of option before ':' */
1196 /* Parametric option has following syntax: 'Type: option = value' */
1197 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1199 struct parmlist_entry *data = get_parametrics(snum, type, option);
1201 if (data == NULL||data->value==NULL) {
1203 return lp_string(ctx, def);
1209 return lp_string(ctx, data->value);
1212 /* Return parametric option from a given service. Type is a part of option before ':' */
1213 /* Parametric option has following syntax: 'Type: option = value' */
1214 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1216 struct parmlist_entry *data = get_parametrics(snum, type, option);
1218 if (data == NULL||data->value==NULL)
1225 /* Return parametric option from a given service. Type is a part of option before ':' */
1226 /* Parametric option has following syntax: 'Type: option = value' */
1228 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1230 struct parmlist_entry *data = get_parametrics(snum, type, option);
1232 if (data == NULL||data->value==NULL)
1233 return (const char **)def;
1235 if (data->list==NULL) {
1236 data->list = str_list_make_v3(NULL, data->value, NULL);
1239 return discard_const_p(const char *, data->list);
1242 /* Return parametric option from a given service. Type is a part of option before ':' */
1243 /* Parametric option has following syntax: 'Type: option = value' */
1245 int lp_parm_int(int snum, const char *type, const char *option, int def)
1247 struct parmlist_entry *data = get_parametrics(snum, type, option);
1249 if (data && data->value && *data->value)
1250 return lp_int(data->value);
1255 /* Return parametric option from a given service. Type is a part of option before ':' */
1256 /* Parametric option has following syntax: 'Type: option = value' */
1258 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1260 struct parmlist_entry *data = get_parametrics(snum, type, option);
1262 if (data && data->value && *data->value)
1263 return lp_ulong(data->value);
1268 /* Return parametric option from a given service. Type is a part of option before ':' */
1269 /* Parametric option has following syntax: 'Type: option = value' */
1271 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1272 const char *option, unsigned long long def)
1274 struct parmlist_entry *data = get_parametrics(snum, type, option);
1276 if (data && data->value && *data->value) {
1277 return lp_ulonglong(data->value);
1283 /* Return parametric option from a given service. Type is a part of option
1285 /* Parametric option has following syntax: 'Type: option = value' */
1287 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1289 struct parmlist_entry *data = get_parametrics(snum, type, option);
1291 if (data && data->value && *data->value)
1292 return lp_bool(data->value);
1297 /* Return parametric option from a given service. Type is a part of option before ':' */
1298 /* Parametric option has following syntax: 'Type: option = value' */
1300 int lp_parm_enum(int snum, const char *type, const char *option,
1301 const struct enum_list *_enum, int def)
1303 struct parmlist_entry *data = get_parametrics(snum, type, option);
1305 if (data && data->value && *data->value && _enum)
1306 return lp_enum(data->value, _enum);
1312 * free a param_opts structure.
1313 * param_opts handling should be moved to talloc;
1314 * then this whole functions reduces to a TALLOC_FREE().
1317 static void free_param_opts(struct parmlist_entry **popts)
1319 struct parmlist_entry *opt, *next_opt;
1321 if (*popts != NULL) {
1322 DEBUG(5, ("Freeing parametrics:\n"));
1325 while (opt != NULL) {
1326 lpcfg_string_free(&opt->key);
1327 lpcfg_string_free(&opt->value);
1328 TALLOC_FREE(opt->list);
1329 next_opt = opt->next;
1336 /***************************************************************************
1337 Free the dynamically allocated parts of a service struct.
1338 ***************************************************************************/
1340 static void free_service(struct loadparm_service *pservice)
1345 if (pservice->szService)
1346 DEBUG(5, ("free_service: Freeing service %s\n",
1347 pservice->szService));
1349 free_parameters(pservice);
1351 lpcfg_string_free(&pservice->szService);
1352 TALLOC_FREE(pservice->copymap);
1354 free_param_opts(&pservice->param_opt);
1356 ZERO_STRUCTP(pservice);
1360 /***************************************************************************
1361 remove a service indexed in the ServicePtrs array from the ServiceHash
1362 and free the dynamically allocated parts
1363 ***************************************************************************/
1365 static void free_service_byindex(int idx)
1367 if ( !LP_SNUM_OK(idx) )
1370 ServicePtrs[idx]->valid = false;
1372 /* we have to cleanup the hash record */
1374 if (ServicePtrs[idx]->szService) {
1375 char *canon_name = canonicalize_servicename(
1377 ServicePtrs[idx]->szService );
1379 dbwrap_delete_bystring(ServiceHash, canon_name );
1380 TALLOC_FREE(canon_name);
1383 free_service(ServicePtrs[idx]);
1384 TALLOC_FREE(ServicePtrs[idx]);
1387 /***************************************************************************
1388 Add a new service to the services array initialising it with the given
1390 ***************************************************************************/
1392 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1395 struct loadparm_service **tsp = NULL;
1397 /* it might already exist */
1399 i = getservicebyname(name, NULL);
1405 /* Re use empty slots if any before allocating new one.*/
1406 for (i=0; i < iNumServices; i++) {
1407 if (ServicePtrs[i] == NULL) {
1411 if (i == iNumServices) {
1412 /* if not, then create one */
1413 tsp = talloc_realloc(NULL, ServicePtrs,
1414 struct loadparm_service *,
1417 DEBUG(0, ("add_a_service: failed to enlarge "
1424 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1425 if (!ServicePtrs[i]) {
1426 DEBUG(0,("add_a_service: out of memory!\n"));
1430 ServicePtrs[i]->valid = true;
1432 copy_service(ServicePtrs[i], pservice, NULL);
1434 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1437 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1438 i, ServicePtrs[i]->szService));
1440 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1447 /***************************************************************************
1448 Convert a string to uppercase and remove whitespaces.
1449 ***************************************************************************/
1451 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1456 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1460 result = talloc_strdup(ctx, src);
1461 SMB_ASSERT(result != NULL);
1463 if (!strlower_m(result)) {
1464 TALLOC_FREE(result);
1470 /***************************************************************************
1471 Add a name/index pair for the services array to the hash table.
1472 ***************************************************************************/
1474 static bool hash_a_service(const char *name, int idx)
1478 if ( !ServiceHash ) {
1479 DEBUG(10,("hash_a_service: creating servicehash\n"));
1480 ServiceHash = db_open_rbt(NULL);
1481 if ( !ServiceHash ) {
1482 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1487 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1490 canon_name = canonicalize_servicename(talloc_tos(), name );
1492 dbwrap_store_bystring(ServiceHash, canon_name,
1493 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1496 TALLOC_FREE(canon_name);
1501 /***************************************************************************
1502 Add a new home service, with the specified home directory, defaults coming
1504 ***************************************************************************/
1506 bool lp_add_home(const char *pszHomename, int iDefaultService,
1507 const char *user, const char *pszHomedir)
1511 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1512 pszHomedir[0] == '\0') {
1516 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1521 if (!(*(ServicePtrs[iDefaultService]->path))
1522 || strequal(ServicePtrs[iDefaultService]->path,
1523 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1524 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1528 if (!(*(ServicePtrs[i]->comment))) {
1529 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1530 if (comment == NULL) {
1533 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1535 TALLOC_FREE(comment);
1538 /* set the browseable flag from the global default */
1540 ServicePtrs[i]->browseable = sDefault.browseable;
1541 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1543 ServicePtrs[i]->autoloaded = true;
1545 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1546 user, ServicePtrs[i]->path ));
1551 /***************************************************************************
1552 Add a new service, based on an old one.
1553 ***************************************************************************/
1555 int lp_add_service(const char *pszService, int iDefaultService)
1557 if (iDefaultService < 0) {
1558 return add_a_service(&sDefault, pszService);
1561 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1564 /***************************************************************************
1565 Add the IPC service.
1566 ***************************************************************************/
1568 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1570 char *comment = NULL;
1571 int i = add_a_service(&sDefault, ipc_name);
1576 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1577 Globals.server_string);
1578 if (comment == NULL) {
1582 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1583 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1584 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1585 ServicePtrs[i]->max_connections = 0;
1586 ServicePtrs[i]->available = true;
1587 ServicePtrs[i]->read_only = true;
1588 ServicePtrs[i]->guest_only = false;
1589 ServicePtrs[i]->administrative_share = true;
1590 ServicePtrs[i]->guest_ok = guest_ok;
1591 ServicePtrs[i]->printable = false;
1592 ServicePtrs[i]->browseable = sDefault.browseable;
1593 ServicePtrs[i]->autoloaded = true;
1595 DEBUG(3, ("adding IPC service\n"));
1597 TALLOC_FREE(comment);
1601 /***************************************************************************
1602 Add a new printer service, with defaults coming from service iFrom.
1603 ***************************************************************************/
1605 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1607 const char *comment = "From Printcap";
1608 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1613 /* note that we do NOT default the availability flag to true - */
1614 /* we take it from the default service passed. This allows all */
1615 /* dynamic printers to be disabled by disabling the [printers] */
1616 /* entry (if/when the 'available' keyword is implemented!). */
1618 /* the printer name is set to the service name. */
1619 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1621 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1623 /* set the browseable flag from the gloabl default */
1624 ServicePtrs[i]->browseable = sDefault.browseable;
1626 /* Printers cannot be read_only. */
1627 ServicePtrs[i]->read_only = false;
1628 /* No oplocks on printer services. */
1629 ServicePtrs[i]->oplocks = false;
1630 /* Printer services must be printable. */
1631 ServicePtrs[i]->printable = true;
1633 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1639 /***************************************************************************
1640 Check whether the given parameter name is valid.
1641 Parametric options (names containing a colon) are considered valid.
1642 ***************************************************************************/
1644 bool lp_parameter_is_valid(const char *pszParmName)
1646 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1647 (strchr(pszParmName, ':') != NULL));
1650 /***************************************************************************
1651 Check whether the given name is the name of a global parameter.
1652 Returns true for strings belonging to parameters of class
1653 P_GLOBAL, false for all other strings, also for parametric options
1654 and strings not belonging to any option.
1655 ***************************************************************************/
1657 bool lp_parameter_is_global(const char *pszParmName)
1659 int num = lpcfg_map_parameter(pszParmName);
1662 return (parm_table[num].p_class == P_GLOBAL);
1668 /**************************************************************************
1669 Determine the canonical name for a parameter.
1670 Indicate when it is an inverse (boolean) synonym instead of a
1672 **************************************************************************/
1674 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1679 if (!lp_parameter_is_valid(parm_name)) {
1684 num = map_parameter_canonical(parm_name, inverse);
1686 /* parametric option */
1687 *canon_parm = parm_name;
1689 *canon_parm = parm_table[num].label;
1696 /**************************************************************************
1697 Determine the canonical name for a parameter.
1698 Turn the value given into the inverse boolean expression when
1699 the synonym is an invers boolean synonym.
1702 - parm_name is a valid parameter name and
1703 - val is a valid value for this parameter and
1704 - in case the parameter is an inverse boolean synonym, if the val
1705 string could successfully be converted to the reverse bool.
1706 Return false in all other cases.
1707 **************************************************************************/
1709 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1711 const char **canon_parm,
1712 const char **canon_val)
1718 if (!lp_parameter_is_valid(parm_name)) {
1724 num = map_parameter_canonical(parm_name, &inverse);
1726 /* parametric option */
1727 *canon_parm = parm_name;
1732 *canon_parm = parm_table[num].label;
1734 if (!lp_invert_boolean(val, canon_val)) {
1742 ret = lp_parameter_value_is_valid(*canon_parm, *canon_val);
1747 /***************************************************************************
1748 Map a parameter's string representation to the index of the canonical
1749 form of the parameter (it might be a synonym).
1750 Returns -1 if the parameter string is not recognised.
1751 ***************************************************************************/
1753 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1755 int parm_num, canon_num;
1756 bool loc_inverse = false;
1758 parm_num = lpcfg_map_parameter(pszParmName);
1759 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1760 /* invalid, parametric or no canidate for synonyms ... */
1764 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1765 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1766 parm_num = canon_num;
1772 if (inverse != NULL) {
1773 *inverse = loc_inverse;
1778 /***************************************************************************
1779 return true if parameter number parm1 is a synonym of parameter
1780 number parm2 (parm2 being the principal name).
1781 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1783 ***************************************************************************/
1785 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1787 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1788 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1789 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1790 !(parm_table[parm2].flags & FLAG_SYNONYM))
1792 if (inverse != NULL) {
1793 if ((parm_table[parm1].type == P_BOOLREV) &&
1794 (parm_table[parm2].type == P_BOOL))
1806 /***************************************************************************
1807 Show one parameter's name, type, [values,] and flags.
1808 (helper functions for show_parameter_list)
1809 ***************************************************************************/
1811 static void show_parameter(int parmIndex)
1813 int enumIndex, flagIndex;
1818 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1819 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1820 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1821 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1822 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1824 printf("%s=%s", parm_table[parmIndex].label,
1825 type[parm_table[parmIndex].type]);
1826 if (parm_table[parmIndex].type == P_ENUM) {
1829 parm_table[parmIndex].enum_list[enumIndex].name;
1833 enumIndex ? "|" : "",
1834 parm_table[parmIndex].enum_list[enumIndex].name);
1839 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1840 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1843 flag_names[flagIndex]);
1848 /* output synonyms */
1850 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1851 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1852 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1853 parm_table[parmIndex2].label);
1854 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1856 printf(" (synonyms: ");
1861 printf("%s%s", parm_table[parmIndex2].label,
1862 inverse ? "[i]" : "");
1873 * Check the value for a P_ENUM
1875 static bool check_enum_parameter(struct parm_struct *parm, const char *value)
1879 for (i = 0; parm->enum_list[i].name; i++) {
1880 if (strwicmp(value, parm->enum_list[i].name) == 0) {
1887 /**************************************************************************
1888 Check whether the given value is valid for the given parameter name.
1889 **************************************************************************/
1891 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val)
1893 bool ret = false, tmp_bool;
1894 int num = lpcfg_map_parameter(parm_name), tmp_int;
1895 uint64_t tmp_int64 = 0;
1896 struct parm_struct *parm;
1898 /* parametric options (parameter names containing a colon) cannot
1899 be checked and are therefore considered valid. */
1900 if (strchr(parm_name, ':') != NULL) {
1905 parm = &parm_table[num];
1906 switch (parm->type) {
1909 ret = set_boolean(val, &tmp_bool);
1913 ret = (sscanf(val, "%d", &tmp_int) == 1);
1917 ret = (sscanf(val, "%o", &tmp_int) == 1);
1921 ret = check_enum_parameter(parm, val);
1925 if (conv_str_size_error(val, &tmp_int64) &&
1926 tmp_int64 <= INT_MAX) {
1943 /***************************************************************************
1944 Show all parameter's name, type, [values,] and flags.
1945 ***************************************************************************/
1947 void show_parameter_list(void)
1949 int classIndex, parmIndex;
1950 const char *section_names[] = { "local", "global", NULL};
1952 for (classIndex=0; section_names[classIndex]; classIndex++) {
1953 printf("[%s]\n", section_names[classIndex]);
1954 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1955 if (parm_table[parmIndex].p_class == classIndex) {
1956 show_parameter(parmIndex);
1962 /***************************************************************************
1963 Get the standard string representation of a boolean value ("yes" or "no")
1964 ***************************************************************************/
1966 static const char *get_boolean(bool bool_value)
1968 static const char *yes_str = "yes";
1969 static const char *no_str = "no";
1971 return (bool_value ? yes_str : no_str);
1974 /***************************************************************************
1975 Provide the string of the negated boolean value associated to the boolean
1976 given as a string. Returns false if the passed string does not correctly
1977 represent a boolean.
1978 ***************************************************************************/
1980 bool lp_invert_boolean(const char *str, const char **inverse_str)
1984 if (!set_boolean(str, &val)) {
1988 *inverse_str = get_boolean(!val);
1992 /***************************************************************************
1993 Provide the canonical string representation of a boolean value given
1994 as a string. Return true on success, false if the string given does
1995 not correctly represent a boolean.
1996 ***************************************************************************/
1998 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
2002 if (!set_boolean(str, &val)) {
2006 *canon_str = get_boolean(val);
2010 /***************************************************************************
2011 Find a service by name. Otherwise works like get_service.
2012 ***************************************************************************/
2014 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2021 if (ServiceHash == NULL) {
2025 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2027 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2030 if (NT_STATUS_IS_OK(status) &&
2031 (data.dptr != NULL) &&
2032 (data.dsize == sizeof(iService)))
2034 memcpy(&iService, data.dptr, sizeof(iService));
2037 TALLOC_FREE(canon_name);
2039 if ((iService != -1) && (LP_SNUM_OK(iService))
2040 && (pserviceDest != NULL)) {
2041 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2047 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2048 struct loadparm_service *lp_service(const char *pszServiceName)
2050 int iService = getservicebyname(pszServiceName, NULL);
2051 if (iService == -1 || !LP_SNUM_OK(iService)) {
2054 return ServicePtrs[iService];
2057 struct loadparm_service *lp_servicebynum(int snum)
2059 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2062 return ServicePtrs[snum];
2065 struct loadparm_service *lp_default_loadparm_service()
2070 static struct smbconf_ctx *lp_smbconf_ctx(void)
2073 static struct smbconf_ctx *conf_ctx = NULL;
2075 if (conf_ctx == NULL) {
2076 err = smbconf_init(NULL, &conf_ctx, "registry:");
2077 if (!SBC_ERROR_IS_OK(err)) {
2078 DEBUG(1, ("error initializing registry configuration: "
2079 "%s\n", sbcErrorString(err)));
2087 static bool process_smbconf_service(struct smbconf_service *service)
2092 if (service == NULL) {
2096 ret = lp_do_section(service->name, NULL);
2100 for (count = 0; count < service->num_params; count++) {
2102 if (!bInGlobalSection && bGlobalOnly) {
2105 const char *pszParmName = service->param_names[count];
2106 const char *pszParmValue = service->param_values[count];
2108 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2110 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2111 pszParmName, pszParmValue);
2118 if (iServiceIndex >= 0) {
2119 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2125 * load a service from registry and activate it
2127 bool process_registry_service(const char *service_name)
2130 struct smbconf_service *service = NULL;
2131 TALLOC_CTX *mem_ctx = talloc_stackframe();
2132 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2135 if (conf_ctx == NULL) {
2139 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2141 if (!smbconf_share_exists(conf_ctx, service_name)) {
2143 * Registry does not contain data for this service (yet),
2144 * but make sure lp_load doesn't return false.
2150 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2151 if (!SBC_ERROR_IS_OK(err)) {
2155 ret = process_smbconf_service(service);
2161 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2164 TALLOC_FREE(mem_ctx);
2169 * process_registry_globals
2171 static bool process_registry_globals(void)
2175 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2177 if (!bInGlobalSection && bGlobalOnly) {
2180 const char *pszParmName = "registry shares";
2181 const char *pszParmValue = "yes";
2183 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2185 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2186 pszParmName, pszParmValue);
2193 return process_registry_service(GLOBAL_NAME);
2196 bool process_registry_shares(void)
2200 struct smbconf_service **service = NULL;
2201 uint32_t num_shares = 0;
2202 TALLOC_CTX *mem_ctx = talloc_stackframe();
2203 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2206 if (conf_ctx == NULL) {
2210 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2211 if (!SBC_ERROR_IS_OK(err)) {
2217 for (count = 0; count < num_shares; count++) {
2218 if (strequal(service[count]->name, GLOBAL_NAME)) {
2221 ret = process_smbconf_service(service[count]);
2228 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2231 TALLOC_FREE(mem_ctx);
2236 * reload those shares from registry that are already
2237 * activated in the services array.
2239 static bool reload_registry_shares(void)
2244 for (i = 0; i < iNumServices; i++) {
2249 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2253 ret = process_registry_service(ServicePtrs[i]->szService);
2264 #define MAX_INCLUDE_DEPTH 100
2266 static uint8_t include_depth;
2269 * Free the file lists
2271 static void free_file_list(void)
2273 struct file_lists *f;
2274 struct file_lists *next;
2287 * Utility function for outsiders to check if we're running on registry.
2289 bool lp_config_backend_is_registry(void)
2291 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2295 * Utility function to check if the config backend is FILE.
2297 bool lp_config_backend_is_file(void)
2299 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2302 /*******************************************************************
2303 Check if a config file has changed date.
2304 ********************************************************************/
2306 bool lp_file_list_changed(void)
2308 struct file_lists *f = file_lists;
2310 DEBUG(6, ("lp_file_list_changed()\n"));
2313 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2314 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2316 if (conf_ctx == NULL) {
2319 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2322 DEBUGADD(6, ("registry config changed\n"));
2329 n2 = talloc_sub_basic(talloc_tos(),
2330 get_current_username(),
2331 current_user_info.domain,
2336 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2337 f->name, n2, ctime(&f->modtime)));
2339 mod_time = file_modtime(n2);
2342 ((f->modtime != mod_time) ||
2343 (f->subfname == NULL) ||
2344 (strcmp(n2, f->subfname) != 0)))
2347 ("file %s modified: %s\n", n2,
2349 f->modtime = mod_time;
2350 TALLOC_FREE(f->subfname);
2351 f->subfname = talloc_strdup(f, n2);
2352 if (f->subfname == NULL) {
2353 smb_panic("talloc_strdup failed");
2367 * Initialize iconv conversion descriptors.
2369 * This is called the first time it is needed, and also called again
2370 * every time the configuration is reloaded, because the charset or
2371 * codepage might have changed.
2373 static void init_iconv(void)
2375 struct smb_iconv_handle *ret = NULL;
2377 ret = reinit_iconv_handle(NULL,
2381 smb_panic("reinit_iconv_handle failed");
2385 /***************************************************************************
2386 Handle the include operation.
2387 ***************************************************************************/
2388 static bool bAllowIncludeRegistry = true;
2390 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2391 const char *pszParmValue, char **ptr)
2395 if (include_depth >= MAX_INCLUDE_DEPTH) {
2396 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2401 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2402 if (!bAllowIncludeRegistry) {
2405 if (lp_ctx->bInGlobalSection) {
2408 ret = process_registry_globals();
2412 DEBUG(1, ("\"include = registry\" only effective "
2413 "in %s section\n", GLOBAL_NAME));
2418 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2419 current_user_info.domain,
2422 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2424 if (service == NULL) {
2425 lpcfg_string_set(Globals.ctx, ptr, fname);
2427 lpcfg_string_set(service, ptr, fname);
2430 if (file_exist(fname)) {
2433 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2439 DEBUG(2, ("Can't find include file %s\n", fname));
2444 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2446 char *config_option = NULL;
2447 const char *range = NULL;
2450 SMB_ASSERT(low != NULL);
2451 SMB_ASSERT(high != NULL);
2453 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2457 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2459 if (config_option == NULL) {
2460 DEBUG(0, ("out of memory\n"));
2464 range = lp_parm_const_string(-1, config_option, "range", NULL);
2465 if (range == NULL) {
2466 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2470 if (sscanf(range, "%u - %u", low, high) != 2) {
2471 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2472 range, domain_name));
2479 talloc_free(config_option);
2484 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2486 return lp_idmap_range("*", low, high);
2489 const char *lp_idmap_backend(const char *domain_name)
2491 char *config_option = NULL;
2492 const char *backend = NULL;
2494 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2498 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2500 if (config_option == NULL) {
2501 DEBUG(0, ("out of memory\n"));
2505 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2506 if (backend == NULL) {
2507 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2512 talloc_free(config_option);
2516 const char *lp_idmap_default_backend(void)
2518 return lp_idmap_backend("*");
2521 /***************************************************************************
2522 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2523 ***************************************************************************/
2525 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2527 const char *suffix_string;
2529 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2530 Globals.ldap_suffix );
2531 if ( !suffix_string ) {
2532 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2536 return suffix_string;
2539 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2541 if (Globals._ldap_machine_suffix[0])
2542 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2544 return lp_string(ctx, Globals.ldap_suffix);
2547 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2549 if (Globals._ldap_user_suffix[0])
2550 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2552 return lp_string(ctx, Globals.ldap_suffix);
2555 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2557 if (Globals._ldap_group_suffix[0])
2558 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2560 return lp_string(ctx, Globals.ldap_suffix);
2563 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2565 if (Globals._ldap_idmap_suffix[0])
2566 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2568 return lp_string(ctx, Globals.ldap_suffix);
2572 return the parameter pointer for a parameter
2574 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2576 if (service == NULL) {
2577 if (parm->p_class == P_LOCAL)
2578 return (void *)(((char *)&sDefault)+parm->offset);
2579 else if (parm->p_class == P_GLOBAL)
2580 return (void *)(((char *)&Globals)+parm->offset);
2583 return (void *)(((char *)service) + parm->offset);
2587 /***************************************************************************
2588 Process a parameter for a particular service number. If snum < 0
2589 then assume we are in the globals.
2590 ***************************************************************************/
2592 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2594 TALLOC_CTX *frame = talloc_stackframe();
2595 struct loadparm_context *lp_ctx;
2598 lp_ctx = setup_lp_context(frame);
2599 if (lp_ctx == NULL) {
2605 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2607 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2608 pszParmName, pszParmValue);
2616 /***************************************************************************
2617 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2618 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2619 ***************************************************************************/
2621 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2624 parmnum = lpcfg_map_parameter(pszParmName);
2626 flags_list[parmnum] &= ~FLAG_CMDLINE;
2627 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2630 flags_list[parmnum] |= FLAG_CMDLINE;
2632 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2633 * be grouped in the table, so we don't have to search the
2636 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2637 && parm_table[i].p_class == parm_table[parmnum].p_class;
2639 flags_list[i] |= FLAG_CMDLINE;
2641 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2642 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2643 flags_list[i] |= FLAG_CMDLINE;
2649 /* it might be parametric */
2650 if (strchr(pszParmName, ':') != NULL) {
2651 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2655 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2659 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2662 TALLOC_CTX *frame = talloc_stackframe();
2663 struct loadparm_context *lp_ctx;
2665 lp_ctx = setup_lp_context(frame);
2666 if (lp_ctx == NULL) {
2671 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2677 /***************************************************************************
2678 Process a parameter.
2679 ***************************************************************************/
2681 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2684 if (!bInGlobalSection && bGlobalOnly)
2687 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2689 if (bInGlobalSection) {
2690 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2692 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2693 pszParmName, pszParmValue);
2697 /***************************************************************************
2698 Initialize any local variables in the sDefault table, after parsing a
2700 ***************************************************************************/
2702 static void init_locals(void)
2705 * We run this check once the [globals] is parsed, to force
2706 * the VFS objects and other per-share settings we need for
2707 * the standard way a AD DC is operated. We may change these
2708 * as our code evolves, which is why we force these settings.
2710 * We can't do this at the end of lp_load_ex(), as by that
2711 * point the services have been loaded and they will already
2712 * have "" as their vfs objects.
2714 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2715 const char **vfs_objects = lp_vfs_objects(-1);
2716 if (!vfs_objects || !vfs_objects[0]) {
2717 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2718 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2719 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2720 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2722 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2726 lp_do_parameter(-1, "map hidden", "no");
2727 lp_do_parameter(-1, "map system", "no");
2728 lp_do_parameter(-1, "map readonly", "no");
2729 lp_do_parameter(-1, "map archive", "no");
2730 lp_do_parameter(-1, "store dos attributes", "yes");
2734 /***************************************************************************
2735 Process a new section (service). At this stage all sections are services.
2736 Later we'll have special sections that permit server parameters to be set.
2737 Returns true on success, false on failure.
2738 ***************************************************************************/
2740 bool lp_do_section(const char *pszSectionName, void *userdata)
2742 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2744 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2745 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2748 /* if we were in a global section then do the local inits */
2749 if (bInGlobalSection && !isglobal)
2752 /* if we've just struck a global section, note the fact. */
2753 bInGlobalSection = isglobal;
2754 if (lp_ctx != NULL) {
2755 lp_ctx->bInGlobalSection = isglobal;
2758 /* check for multiple global sections */
2759 if (bInGlobalSection) {
2760 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2764 if (!bInGlobalSection && bGlobalOnly)
2767 /* if we have a current service, tidy it up before moving on */
2770 if (iServiceIndex >= 0)
2771 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2773 /* if all is still well, move to the next record in the services array */
2775 /* We put this here to avoid an odd message order if messages are */
2776 /* issued by the post-processing of a previous section. */
2777 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2779 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2780 if (iServiceIndex < 0) {
2781 DEBUG(0, ("Failed to add a new service\n"));
2784 /* Clean all parametric options for service */
2785 /* They will be added during parsing again */
2786 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2792 /***************************************************************************
2793 Display the contents of a parameter of a single services record.
2794 ***************************************************************************/
2796 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2798 bool result = false;
2799 struct loadparm_context *lp_ctx;
2801 lp_ctx = setup_lp_context(talloc_tos());
2802 if (lp_ctx == NULL) {
2807 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2809 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2811 TALLOC_FREE(lp_ctx);
2816 /***************************************************************************
2817 Display the contents of a single copy structure.
2818 ***************************************************************************/
2819 static void dump_copy_map(bool *pcopymap)
2825 printf("\n\tNon-Copied parameters:\n");
2827 for (i = 0; parm_table[i].label; i++)
2828 if (parm_table[i].p_class == P_LOCAL &&
2829 parm_table[i].ptr && !pcopymap[i] &&
2830 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2832 printf("\t\t%s\n", parm_table[i].label);
2837 /***************************************************************************
2838 Return TRUE if the passed service number is within range.
2839 ***************************************************************************/
2841 bool lp_snum_ok(int iService)
2843 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2846 /***************************************************************************
2847 Auto-load some home services.
2848 ***************************************************************************/
2850 static void lp_add_auto_services(char *str)
2860 s = talloc_strdup(talloc_tos(), str);
2862 smb_panic("talloc_strdup failed");
2866 homes = lp_servicenumber(HOMES_NAME);
2868 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2869 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2872 if (lp_servicenumber(p) >= 0)
2875 home = get_user_home_dir(talloc_tos(), p);
2877 if (home && home[0] && homes >= 0)
2878 lp_add_home(p, homes, p, home);
2885 /***************************************************************************
2886 Auto-load one printer.
2887 ***************************************************************************/
2889 void lp_add_one_printer(const char *name, const char *comment,
2890 const char *location, void *pdata)
2892 int printers = lp_servicenumber(PRINTERS_NAME);
2895 if (lp_servicenumber(name) < 0) {
2896 lp_add_printer(name, printers);
2897 if ((i = lp_servicenumber(name)) >= 0) {
2898 lpcfg_string_set(ServicePtrs[i],
2899 &ServicePtrs[i]->comment, comment);
2900 ServicePtrs[i]->autoloaded = true;
2905 /***************************************************************************
2906 Have we loaded a services file yet?
2907 ***************************************************************************/
2909 bool lp_loaded(void)
2914 /***************************************************************************
2915 Unload unused services.
2916 ***************************************************************************/
2918 void lp_killunused(struct smbd_server_connection *sconn,
2919 bool (*snumused) (struct smbd_server_connection *, int))
2922 for (i = 0; i < iNumServices; i++) {
2926 /* don't kill autoloaded or usershare services */
2927 if ( ServicePtrs[i]->autoloaded ||
2928 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2932 if (!snumused || !snumused(sconn, i)) {
2933 free_service_byindex(i);
2939 * Kill all except autoloaded and usershare services - convenience wrapper
2941 void lp_kill_all_services(void)
2943 lp_killunused(NULL, NULL);
2946 /***************************************************************************
2948 ***************************************************************************/
2950 void lp_killservice(int iServiceIn)
2952 if (VALID(iServiceIn)) {
2953 free_service_byindex(iServiceIn);
2957 /***************************************************************************
2958 Save the curent values of all global and sDefault parameters into the
2959 defaults union. This allows testparm to show only the
2960 changed (ie. non-default) parameters.
2961 ***************************************************************************/
2963 static void lp_save_defaults(void)
2966 struct parmlist_entry * parm;
2967 for (i = 0; parm_table[i].label; i++) {
2968 if (!(flags_list[i] & FLAG_CMDLINE)) {
2969 flags_list[i] |= FLAG_DEFAULT;
2972 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2973 && parm_table[i].p_class == parm_table[i - 1].p_class)
2975 switch (parm_table[i].type) {
2978 parm_table[i].def.lvalue = str_list_copy(
2979 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2985 &parm_table[i].def.svalue,
2986 *(char **)lp_parm_ptr(
2987 NULL, &parm_table[i]));
2988 if (parm_table[i].def.svalue == NULL) {
2989 smb_panic("lpcfg_string_set() failed");
2994 parm_table[i].def.bvalue =
2995 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2998 parm_table[i].def.cvalue =
2999 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3005 parm_table[i].def.ivalue =
3006 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3011 for (parm=Globals.param_opt; parm; parm=parm->next) {
3012 if (!(parm->priority & FLAG_CMDLINE)) {
3013 parm->priority |= FLAG_DEFAULT;
3017 for (parm=sDefault.param_opt; parm; parm=parm->next) {
3018 if (!(parm->priority & FLAG_CMDLINE)) {
3019 parm->priority |= FLAG_DEFAULT;
3023 defaults_saved = true;
3026 /***********************************************************
3027 If we should send plaintext/LANMAN passwords in the clinet
3028 ************************************************************/
3030 static void set_allowed_client_auth(void)
3032 if (Globals.client_ntlmv2_auth) {
3033 Globals.client_lanman_auth = false;
3035 if (!Globals.client_lanman_auth) {
3036 Globals.client_plaintext_auth = false;
3040 /***************************************************************************
3042 The following code allows smbd to read a user defined share file.
3043 Yes, this is my intent. Yes, I'm comfortable with that...
3045 THE FOLLOWING IS SECURITY CRITICAL CODE.
3047 It washes your clothes, it cleans your house, it guards you while you sleep...
3048 Do not f%^k with it....
3049 ***************************************************************************/
3051 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3053 /***************************************************************************
3054 Check allowed stat state of a usershare file.
3055 Ensure we print out who is dicking with us so the admin can
3056 get their sorry ass fired.
3057 ***************************************************************************/
3059 static bool check_usershare_stat(const char *fname,
3060 const SMB_STRUCT_STAT *psbuf)
3062 if (!S_ISREG(psbuf->st_ex_mode)) {
3063 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3064 "not a regular file\n",
3065 fname, (unsigned int)psbuf->st_ex_uid ));
3069 /* Ensure this doesn't have the other write bit set. */
3070 if (psbuf->st_ex_mode & S_IWOTH) {
3071 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3072 "public write. Refusing to allow as a usershare file.\n",
3073 fname, (unsigned int)psbuf->st_ex_uid ));
3077 /* Should be 10k or less. */
3078 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3079 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3080 "too large (%u) to be a user share file.\n",
3081 fname, (unsigned int)psbuf->st_ex_uid,
3082 (unsigned int)psbuf->st_ex_size ));
3089 /***************************************************************************
3090 Parse the contents of a usershare file.
3091 ***************************************************************************/
3093 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3094 SMB_STRUCT_STAT *psbuf,
3095 const char *servicename,
3099 char **pp_sharepath,
3101 char **pp_cp_servicename,
3102 struct security_descriptor **ppsd,
3105 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3106 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3109 SMB_STRUCT_STAT sbuf;
3110 char *sharepath = NULL;
3111 char *comment = NULL;
3113 *pp_sharepath = NULL;
3116 *pallow_guest = false;
3119 return USERSHARE_MALFORMED_FILE;
3122 if (strcmp(lines[0], "#VERSION 1") == 0) {
3124 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3127 return USERSHARE_MALFORMED_FILE;
3130 return USERSHARE_BAD_VERSION;
3133 if (strncmp(lines[1], "path=", 5) != 0) {
3134 return USERSHARE_MALFORMED_PATH;
3137 sharepath = talloc_strdup(ctx, &lines[1][5]);
3139 return USERSHARE_POSIX_ERR;
3141 trim_string(sharepath, " ", " ");
3143 if (strncmp(lines[2], "comment=", 8) != 0) {
3144 return USERSHARE_MALFORMED_COMMENT_DEF;
3147 comment = talloc_strdup(ctx, &lines[2][8]);
3149 return USERSHARE_POSIX_ERR;
3151 trim_string(comment, " ", " ");
3152 trim_char(comment, '"', '"');
3154 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3155 return USERSHARE_MALFORMED_ACL_DEF;
3158 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3159 return USERSHARE_ACL_ERR;
3163 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3164 return USERSHARE_MALFORMED_ACL_DEF;
3166 if (lines[4][9] == 'y') {
3167 *pallow_guest = true;
3170 /* Backwards compatible extension to file version #2. */
3172 if (strncmp(lines[5], "sharename=", 10) != 0) {
3173 return USERSHARE_MALFORMED_SHARENAME_DEF;
3175 if (!strequal(&lines[5][10], servicename)) {
3176 return USERSHARE_BAD_SHARENAME;
3178 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3179 if (!*pp_cp_servicename) {
3180 return USERSHARE_POSIX_ERR;
3185 if (*pp_cp_servicename == NULL) {
3186 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3187 if (!*pp_cp_servicename) {
3188 return USERSHARE_POSIX_ERR;
3192 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3193 /* Path didn't change, no checks needed. */
3194 *pp_sharepath = sharepath;
3195 *pp_comment = comment;
3196 return USERSHARE_OK;
3199 /* The path *must* be absolute. */
3200 if (sharepath[0] != '/') {
3201 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3202 servicename, sharepath));
3203 return USERSHARE_PATH_NOT_ABSOLUTE;
3206 /* If there is a usershare prefix deny list ensure one of these paths
3207 doesn't match the start of the user given path. */
3208 if (prefixdenylist) {
3210 for ( i=0; prefixdenylist[i]; i++ ) {
3211 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3212 servicename, i, prefixdenylist[i], sharepath ));
3213 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3214 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3215 "usershare prefix deny list entries.\n",
3216 servicename, sharepath));
3217 return USERSHARE_PATH_IS_DENIED;
3222 /* If there is a usershare prefix allow list ensure one of these paths
3223 does match the start of the user given path. */
3225 if (prefixallowlist) {
3227 for ( i=0; prefixallowlist[i]; i++ ) {
3228 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3229 servicename, i, prefixallowlist[i], sharepath ));
3230 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3234 if (prefixallowlist[i] == NULL) {
3235 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3236 "usershare prefix allow list entries.\n",
3237 servicename, sharepath));
3238 return USERSHARE_PATH_NOT_ALLOWED;
3242 /* Ensure this is pointing to a directory. */
3243 dp = opendir(sharepath);
3246 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3247 servicename, sharepath));
3248 return USERSHARE_PATH_NOT_DIRECTORY;
3251 /* Ensure the owner of the usershare file has permission to share
3254 if (sys_stat(sharepath, &sbuf, false) == -1) {
3255 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3256 servicename, sharepath, strerror(errno) ));
3258 return USERSHARE_POSIX_ERR;
3263 if (!S_ISDIR(sbuf.st_ex_mode)) {
3264 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3265 servicename, sharepath ));
3266 return USERSHARE_PATH_NOT_DIRECTORY;
3269 /* Check if sharing is restricted to owner-only. */
3270 /* psbuf is the stat of the usershare definition file,
3271 sbuf is the stat of the target directory to be shared. */
3273 if (lp_usershare_owner_only()) {
3274 /* root can share anything. */
3275 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3276 return USERSHARE_PATH_NOT_ALLOWED;
3280 *pp_sharepath = sharepath;
3281 *pp_comment = comment;
3282 return USERSHARE_OK;
3285 /***************************************************************************
3286 Deal with a usershare file.
3289 -1 - Bad name, invalid contents.
3290 - service name already existed and not a usershare, problem
3291 with permissions to share directory etc.
3292 ***************************************************************************/
3294 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3296 SMB_STRUCT_STAT sbuf;
3297 SMB_STRUCT_STAT lsbuf;
3299 char *sharepath = NULL;
3300 char *comment = NULL;
3301 char *cp_service_name = NULL;
3302 char **lines = NULL;
3306 TALLOC_CTX *ctx = talloc_stackframe();
3307 struct security_descriptor *psd = NULL;
3308 bool guest_ok = false;
3309 char *canon_name = NULL;
3310 bool added_service = false;
3313 /* Ensure share name doesn't contain invalid characters. */
3314 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3315 DEBUG(0,("process_usershare_file: share name %s contains "
3316 "invalid characters (any of %s)\n",
3317 file_name, INVALID_SHARENAME_CHARS ));
3321 canon_name = canonicalize_servicename(ctx, file_name);
3326 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3331 /* Minimize the race condition by doing an lstat before we
3332 open and fstat. Ensure this isn't a symlink link. */
3334 if (sys_lstat(fname, &lsbuf, false) != 0) {
3335 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3336 fname, strerror(errno) ));
3340 /* This must be a regular file, not a symlink, directory or
3341 other strange filetype. */
3342 if (!check_usershare_stat(fname, &lsbuf)) {
3350 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3355 if (NT_STATUS_IS_OK(status) &&
3356 (data.dptr != NULL) &&
3357 (data.dsize == sizeof(iService))) {
3358 memcpy(&iService, data.dptr, sizeof(iService));
3362 if (iService != -1 &&
3363 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3364 &lsbuf.st_ex_mtime) == 0) {
3365 /* Nothing changed - Mark valid and return. */
3366 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3368 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3373 /* Try and open the file read only - no symlinks allowed. */
3375 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3377 fd = open(fname, O_RDONLY, 0);
3381 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3382 fname, strerror(errno) ));
3386 /* Now fstat to be *SURE* it's a regular file. */
3387 if (sys_fstat(fd, &sbuf, false) != 0) {
3389 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3390 fname, strerror(errno) ));
3394 /* Is it the same dev/inode as was lstated ? */
3395 if (!check_same_stat(&lsbuf, &sbuf)) {
3397 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3398 "Symlink spoofing going on ?\n", fname ));
3402 /* This must be a regular file, not a symlink, directory or
3403 other strange filetype. */
3404 if (!check_usershare_stat(fname, &sbuf)) {
3409 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3412 if (lines == NULL) {
3413 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3414 fname, (unsigned int)sbuf.st_ex_uid ));
3418 if (parse_usershare_file(ctx, &sbuf, file_name,
3419 iService, lines, numlines, &sharepath,
3420 &comment, &cp_service_name,
3421 &psd, &guest_ok) != USERSHARE_OK) {
3425 /* Everything ok - add the service possibly using a template. */
3427 const struct loadparm_service *sp = &sDefault;
3428 if (snum_template != -1) {
3429 sp = ServicePtrs[snum_template];
3432 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3433 DEBUG(0, ("process_usershare_file: Failed to add "
3434 "new service %s\n", cp_service_name));
3438 added_service = true;
3440 /* Read only is controlled by usershare ACL below. */
3441 ServicePtrs[iService]->read_only = false;
3444 /* Write the ACL of the new/modified share. */
3445 if (!set_share_security(canon_name, psd)) {
3446 DEBUG(0, ("process_usershare_file: Failed to set share "
3447 "security for user share %s\n",
3452 /* If from a template it may be marked invalid. */
3453 ServicePtrs[iService]->valid = true;
3455 /* Set the service as a valid usershare. */
3456 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3458 /* Set guest access. */
3459 if (lp_usershare_allow_guests()) {
3460 ServicePtrs[iService]->guest_ok = guest_ok;
3463 /* And note when it was loaded. */
3464 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3465 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3467 lpcfg_string_set(ServicePtrs[iService],
3468 &ServicePtrs[iService]->comment, comment);
3474 if (ret == -1 && iService != -1 && added_service) {
3475 lp_remove_service(iService);
3483 /***************************************************************************
3484 Checks if a usershare entry has been modified since last load.
3485 ***************************************************************************/
3487 static bool usershare_exists(int iService, struct timespec *last_mod)
3489 SMB_STRUCT_STAT lsbuf;
3490 const char *usersharepath = Globals.usershare_path;
3493 fname = talloc_asprintf(talloc_tos(),
3496 ServicePtrs[iService]->szService);
3497 if (fname == NULL) {
3501 if (sys_lstat(fname, &lsbuf, false) != 0) {
3506 if (!S_ISREG(lsbuf.st_ex_mode)) {
3512 *last_mod = lsbuf.st_ex_mtime;
3516 static bool usershare_directory_is_root(uid_t uid)
3522 if (uid_wrapper_enabled()) {
3529 /***************************************************************************
3530 Load a usershare service by name. Returns a valid servicenumber or -1.
3531 ***************************************************************************/
3533 int load_usershare_service(const char *servicename)
3535 SMB_STRUCT_STAT sbuf;
3536 const char *usersharepath = Globals.usershare_path;
3537 int max_user_shares = Globals.usershare_max_shares;
3538 int snum_template = -1;
3540 if (*usersharepath == 0 || max_user_shares == 0) {
3544 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3545 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3546 usersharepath, strerror(errno) ));
3550 if (!S_ISDIR(sbuf.st_ex_mode)) {
3551 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3557 * This directory must be owned by root, and have the 't' bit set.
3558 * It also must not be writable by "other".
3562 if (!usershare_directory_is_root(sbuf.st_ex_uid) ||
3563 !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3565 if (!usershare_directory_is_root(sbuf.st_ex_uid) ||
3566 (sbuf.st_ex_mode & S_IWOTH)) {
3568 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3569 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3574 /* Ensure the template share exists if it's set. */
3575 if (Globals.usershare_template_share[0]) {
3576 /* We can't use lp_servicenumber here as we are recommending that
3577 template shares have -valid=false set. */
3578 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3579 if (ServicePtrs[snum_template]->szService &&
3580 strequal(ServicePtrs[snum_template]->szService,
3581 Globals.usershare_template_share)) {
3586 if (snum_template == -1) {
3587 DEBUG(0,("load_usershare_service: usershare template share %s "
3588 "does not exist.\n",
3589 Globals.usershare_template_share ));
3594 return process_usershare_file(usersharepath, servicename, snum_template);
3597 /***************************************************************************
3598 Load all user defined shares from the user share directory.
3599 We only do this if we're enumerating the share list.
3600 This is the function that can delete usershares that have
3602 ***************************************************************************/
3604 int load_usershare_shares(struct smbd_server_connection *sconn,
3605 bool (*snumused) (struct smbd_server_connection *, int))
3608 SMB_STRUCT_STAT sbuf;
3610 int num_usershares = 0;
3611 int max_user_shares = Globals.usershare_max_shares;
3612 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3613 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3614 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3616 int snum_template = -1;
3617 const char *usersharepath = Globals.usershare_path;
3618 int ret = lp_numservices();
3619 TALLOC_CTX *tmp_ctx;
3621 if (max_user_shares == 0 || *usersharepath == '\0') {
3622 return lp_numservices();
3625 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3626 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3627 usersharepath, strerror(errno) ));
3632 * This directory must be owned by root, and have the 't' bit set.
3633 * It also must not be writable by "other".
3637 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3639 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3641 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3642 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3647 /* Ensure the template share exists if it's set. */
3648 if (Globals.usershare_template_share[0]) {
3649 /* We can't use lp_servicenumber here as we are recommending that
3650 template shares have -valid=false set. */
3651 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3652 if (ServicePtrs[snum_template]->szService &&
3653 strequal(ServicePtrs[snum_template]->szService,
3654 Globals.usershare_template_share)) {
3659 if (snum_template == -1) {
3660 DEBUG(0,("load_usershare_shares: usershare template share %s "
3661 "does not exist.\n",
3662 Globals.usershare_template_share ));
3667 /* Mark all existing usershares as pending delete. */
3668 for (iService = iNumServices - 1; iService >= 0; iService--) {
3669 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3670 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3674 dp = opendir(usersharepath);
3676 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3677 usersharepath, strerror(errno) ));
3681 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3683 num_dir_entries++ ) {
3685 const char *n = de->d_name;
3687 /* Ignore . and .. */
3689 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3695 /* Temporary file used when creating a share. */
3696 num_tmp_dir_entries++;
3699 /* Allow 20% tmp entries. */
3700 if (num_tmp_dir_entries > allowed_tmp_entries) {
3701 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3702 "in directory %s\n",
3703 num_tmp_dir_entries, usersharepath));
3707 r = process_usershare_file(usersharepath, n, snum_template);
3709 /* Update the services count. */
3711 if (num_usershares >= max_user_shares) {
3712 DEBUG(0,("load_usershare_shares: max user shares reached "
3713 "on file %s in directory %s\n",
3714 n, usersharepath ));
3717 } else if (r == -1) {
3718 num_bad_dir_entries++;
3721 /* Allow 20% bad entries. */
3722 if (num_bad_dir_entries > allowed_bad_entries) {
3723 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3724 "in directory %s\n",
3725 num_bad_dir_entries, usersharepath));
3729 /* Allow 20% bad entries. */
3730 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3731 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3732 "in directory %s\n",
3733 num_dir_entries, usersharepath));
3740 /* Sweep through and delete any non-refreshed usershares that are
3741 not currently in use. */
3742 tmp_ctx = talloc_stackframe();
3743 for (iService = iNumServices - 1; iService >= 0; iService--) {
3744 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3747 if (snumused && snumused(sconn, iService)) {
3751 servname = lp_servicename(tmp_ctx, iService);
3753 /* Remove from the share ACL db. */
3754 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3756 delete_share_security(servname);
3757 free_service_byindex(iService);
3760 talloc_free(tmp_ctx);
3762 return lp_numservices();
3765 /********************************************************
3766 Destroy global resources allocated in this file
3767 ********************************************************/
3769 void gfree_loadparm(void)
3775 /* Free resources allocated to services */
3777 for ( i = 0; i < iNumServices; i++ ) {
3779 free_service_byindex(i);
3783 TALLOC_FREE( ServicePtrs );
3786 /* Now release all resources allocated to global
3787 parameters and the default service */
3789 free_global_parameters();
3793 /***************************************************************************
3794 Allow client apps to specify that they are a client
3795 ***************************************************************************/
3796 static void lp_set_in_client(bool b)
3802 /***************************************************************************
3803 Determine if we're running in a client app
3804 ***************************************************************************/
3805 static bool lp_is_in_client(void)
3810 static void lp_enforce_ad_dc_settings(void)
3812 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3813 lp_do_parameter(GLOBAL_SECTION_SNUM,
3814 "winbindd:use external pipes", "true");
3815 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3816 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3817 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3818 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3819 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3820 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3821 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3822 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3823 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3826 /***************************************************************************
3827 Load the services array from the services file. Return true on success,
3829 ***************************************************************************/
3831 static bool lp_load_ex(const char *pszFname,
3835 bool reinit_globals,
3836 bool allow_include_registry,
3837 bool load_all_shares)
3841 TALLOC_CTX *frame = talloc_stackframe();
3842 struct loadparm_context *lp_ctx;
3846 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3848 bInGlobalSection = true;
3849 bGlobalOnly = global_only;
3850 bAllowIncludeRegistry = allow_include_registry;
3852 lp_ctx = setup_lp_context(talloc_tos());
3854 init_globals(lp_ctx, reinit_globals);
3858 if (save_defaults) {
3863 if (!reinit_globals) {
3864 free_param_opts(&Globals.param_opt);
3865 apply_lp_set_cmdline();
3868 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3870 /* We get sections first, so have to start 'behind' to make up */
3873 if (lp_config_backend_is_file()) {
3874 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3875 current_user_info.domain,
3878 smb_panic("lp_load_ex: out of memory");
3881 add_to_file_list(NULL, &file_lists, pszFname, n2);
3883 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3886 /* finish up the last section */
3887 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3889 if (iServiceIndex >= 0) {
3890 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3894 if (lp_config_backend_is_registry()) {
3896 /* config backend changed to registry in config file */
3898 * We need to use this extra global variable here to
3899 * survive restart: init_globals uses this as a default
3900 * for config_backend. Otherwise, init_globals would
3901 * send us into an endless loop here.
3904 config_backend = CONFIG_BACKEND_REGISTRY;
3906 DEBUG(1, ("lp_load_ex: changing to config backend "
3908 init_globals(lp_ctx, true);
3910 TALLOC_FREE(lp_ctx);
3912 lp_kill_all_services();
3913 ok = lp_load_ex(pszFname, global_only, save_defaults,
3914 add_ipc, reinit_globals,
3915 allow_include_registry,
3920 } else if (lp_config_backend_is_registry()) {
3921 bRetval = process_registry_globals();
3923 DEBUG(0, ("Illegal config backend given: %d\n",
3924 lp_config_backend()));
3928 if (bRetval && lp_registry_shares()) {
3929 if (load_all_shares) {
3930 bRetval = process_registry_shares();
3932 bRetval = reload_registry_shares();
3937 char *serv = lp_auto_services(talloc_tos());
3938 lp_add_auto_services(serv);
3943 /* When 'restrict anonymous = 2' guest connections to ipc$
3945 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3946 if ( lp_enable_asu_support() ) {
3947 lp_add_ipc("ADMIN$", false);
3951 set_allowed_client_auth();
3953 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3954 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3955 lp_password_server()));
3960 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3961 /* if we_are_a_wins_server is true and we are in the client */
3962 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3963 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3968 fault_configure(smb_panic_s3);
3971 * We run this check once the whole smb.conf is parsed, to
3972 * force some settings for the standard way a AD DC is
3973 * operated. We may change these as our code evolves, which
3974 * is why we force these settings.
3976 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3977 lp_enforce_ad_dc_settings();
3980 bAllowIncludeRegistry = true;
3986 static bool lp_load(const char *pszFname,
3990 bool reinit_globals)
3992 return lp_load_ex(pszFname,
3997 true, /* allow_include_registry */
3998 false); /* load_all_shares*/
4001 bool lp_load_initial_only(const char *pszFname)
4003 return lp_load_ex(pszFname,
4004 true, /* global only */
4005 true, /* save_defaults */
4006 false, /* add_ipc */
4007 true, /* reinit_globals */
4008 false, /* allow_include_registry */
4009 false); /* load_all_shares*/
4013 * most common lp_load wrapper, loading only the globals
4015 * If this is used in a daemon or client utility it should be called
4016 * after processing popt.
4018 bool lp_load_global(const char *file_name)
4020 return lp_load(file_name,
4021 true, /* global_only */
4022 false, /* save_defaults */
4023 false, /* add_ipc */
4024 true); /* reinit_globals */
4028 * The typical lp_load wrapper with shares, loads global and
4029 * shares, including IPC, but does not force immediate
4030 * loading of all shares from registry.
4032 bool lp_load_with_shares(const char *file_name)
4034 return lp_load(file_name,
4035 false, /* global_only */
4036 false, /* save_defaults */
4038 true); /* reinit_globals */
4042 * lp_load wrapper, especially for clients
4044 bool lp_load_client(const char *file_name)
4046 lp_set_in_client(true);
4048 return lp_load_global(file_name);
4052 * lp_load wrapper, loading only globals, but intended
4053 * for subsequent calls, not reinitializing the globals
4056 bool lp_load_global_no_reinit(const char *file_name)
4058 return lp_load(file_name,
4059 true, /* global_only */
4060 false, /* save_defaults */
4061 false, /* add_ipc */
4062 false); /* reinit_globals */
4066 * lp_load wrapper, loading globals and shares,
4067 * intended for subsequent calls, i.e. not reinitializing
4068 * the globals to default values.
4070 bool lp_load_no_reinit(const char *file_name)
4072 return lp_load(file_name,
4073 false, /* global_only */
4074 false, /* save_defaults */
4075 false, /* add_ipc */
4076 false); /* reinit_globals */
4081 * lp_load wrapper, especially for clients, no reinitialization
4083 bool lp_load_client_no_reinit(const char *file_name)
4085 lp_set_in_client(true);
4087 return lp_load_global_no_reinit(file_name);
4090 bool lp_load_with_registry_shares(const char *pszFname)
4092 return lp_load_ex(pszFname,
4093 false, /* global_only */
4094 true, /* save_defaults */
4095 false, /* add_ipc */
4096 false, /* reinit_globals */
4097 true, /* allow_include_registry */
4098 true); /* load_all_shares*/
4101 /***************************************************************************
4102 Return the max number of services.
4103 ***************************************************************************/
4105 int lp_numservices(void)
4107 return (iNumServices);
4110 /***************************************************************************
4111 Display the contents of the services array in human-readable form.
4112 ***************************************************************************/
4114 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4117 struct loadparm_context *lp_ctx;
4120 defaults_saved = false;
4122 lp_ctx = setup_lp_context(talloc_tos());
4123 if (lp_ctx == NULL) {
4127 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4129 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4131 for (iService = 0; iService < maxtoprint; iService++) {
4133 lp_dump_one(f, show_defaults, iService);
4137 /***************************************************************************
4138 Display the contents of one service in human-readable form.
4139 ***************************************************************************/
4141 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4144 if (ServicePtrs[snum]->szService[0] == '\0')
4146 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4147 flags_list, show_defaults);
4151 /***************************************************************************
4152 Return the number of the service with the given name, or -1 if it doesn't
4153 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4154 getservicebyname()! This works ONLY if all services have been loaded, and
4155 does not copy the found service.
4156 ***************************************************************************/
4158 int lp_servicenumber(const char *pszServiceName)
4161 fstring serviceName;
4163 if (!pszServiceName) {
4164 return GLOBAL_SECTION_SNUM;
4167 for (iService = iNumServices - 1; iService >= 0; iService--) {
4168 if (VALID(iService) && ServicePtrs[iService]->szService) {
4170 * The substitution here is used to support %U in
4173 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4174 standard_sub_basic(get_current_username(),
4175 current_user_info.domain,
4176 serviceName,sizeof(serviceName));
4177 if (strequal(serviceName, pszServiceName)) {
4183 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4184 struct timespec last_mod;
4186 if (!usershare_exists(iService, &last_mod)) {
4187 /* Remove the share security tdb entry for it. */
4188 delete_share_security(lp_servicename(talloc_tos(), iService));
4189 /* Remove it from the array. */
4190 free_service_byindex(iService);
4191 /* Doesn't exist anymore. */
4192 return GLOBAL_SECTION_SNUM;
4195 /* Has it been modified ? If so delete and reload. */
4196 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4198 /* Remove it from the array. */
4199 free_service_byindex(iService);
4200 /* and now reload it. */
4201 iService = load_usershare_service(pszServiceName);
4206 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4207 return GLOBAL_SECTION_SNUM;
4213 /*******************************************************************
4214 A useful volume label function.
4215 ********************************************************************/
4217 const char *volume_label(TALLOC_CTX *ctx, int snum)
4220 const char *label = lp_volume(ctx, snum);
4222 label = lp_servicename(ctx, snum);
4225 /* This returns a 33 byte guarenteed null terminated string. */
4226 ret = talloc_strndup(ctx, label, 32);
4233 /*******************************************************************
4234 Get the default server type we will announce as via nmbd.
4235 ********************************************************************/
4237 int lp_default_server_announce(void)
4239 int default_server_announce = 0;
4240 default_server_announce |= SV_TYPE_WORKSTATION;
4241 default_server_announce |= SV_TYPE_SERVER;
4242 default_server_announce |= SV_TYPE_SERVER_UNIX;
4244 /* note that the flag should be set only if we have a
4245 printer service but nmbd doesn't actually load the
4246 services so we can't tell --jerry */
4248 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4250 default_server_announce |= SV_TYPE_SERVER_NT;
4251 default_server_announce |= SV_TYPE_NT;
4253 switch (lp_server_role()) {
4254 case ROLE_DOMAIN_MEMBER:
4255 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4257 case ROLE_DOMAIN_PDC:
4258 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4260 case ROLE_DOMAIN_BDC:
4261 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4263 case ROLE_STANDALONE:
4267 if (lp_time_server())
4268 default_server_announce |= SV_TYPE_TIME_SOURCE;
4270 if (lp_host_msdfs())
4271 default_server_announce |= SV_TYPE_DFS_SERVER;
4273 return default_server_announce;
4276 /***********************************************************
4277 If we are PDC then prefer us as DMB
4278 ************************************************************/
4280 bool lp_domain_master(void)
4282 if (Globals._domain_master == Auto)
4283 return (lp_server_role() == ROLE_DOMAIN_PDC);
4285 return (bool)Globals._domain_master;
4288 /***********************************************************
4289 If we are PDC then prefer us as DMB
4290 ************************************************************/
4292 static bool lp_domain_master_true_or_auto(void)
4294 if (Globals._domain_master) /* auto or yes */
4300 /***********************************************************
4301 If we are DMB then prefer us as LMB
4302 ************************************************************/
4304 bool lp_preferred_master(void)
4306 int preferred_master = lp__preferred_master();
4308 if (preferred_master == Auto)
4309 return (lp_local_master() && lp_domain_master());
4311 return (bool)preferred_master;
4314 /*******************************************************************
4316 ********************************************************************/
4318 void lp_remove_service(int snum)
4320 ServicePtrs[snum]->valid = false;
4323 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4325 const char *ret = lp__printername(ctx, snum);
4326 if (ret == NULL || *ret == '\0') {
4327 ret = lp_const_servicename(snum);
4334 /***********************************************************
4335 Allow daemons such as winbindd to fix their logfile name.
4336 ************************************************************/
4338 void lp_set_logfile(const char *name)
4340 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4341 debug_set_logfile(name);
4344 /*******************************************************************
4345 Return the max print jobs per queue.
4346 ********************************************************************/
4348 int lp_maxprintjobs(int snum)
4350 int maxjobs = lp_max_print_jobs(snum);
4352 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4353 maxjobs = PRINT_MAX_JOBID - 1;
4358 const char *lp_printcapname(void)
4360 const char *printcap_name = lp_printcap_name();
4362 if ((printcap_name != NULL) &&
4363 (printcap_name[0] != '\0'))
4364 return printcap_name;
4366 if (sDefault.printing == PRINT_CUPS) {
4370 if (sDefault.printing == PRINT_BSD)
4371 return "/etc/printcap";
4373 return PRINTCAP_NAME;
4376 static uint32_t spoolss_state;
4378 bool lp_disable_spoolss( void )
4380 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4381 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4383 return spoolss_state == SVCCTL_STOPPED ? true : false;
4386 void lp_set_spoolss_state( uint32_t state )
4388 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4390 spoolss_state = state;
4393 uint32_t lp_get_spoolss_state( void )
4395 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4398 /*******************************************************************
4399 Ensure we don't use sendfile if server smb signing is active.
4400 ********************************************************************/
4402 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4404 bool sign_active = false;
4406 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4407 if (get_Protocol() < PROTOCOL_NT1) {
4410 if (signing_state) {
4411 sign_active = smb_signing_is_active(signing_state);
4413 return (lp__use_sendfile(snum) &&
4414 (get_remote_arch() != RA_WIN95) &&
4418 /*******************************************************************
4419 Turn off sendfile if we find the underlying OS doesn't support it.
4420 ********************************************************************/
4422 void set_use_sendfile(int snum, bool val)
4424 if (LP_SNUM_OK(snum))
4425 ServicePtrs[snum]->_use_sendfile = val;
4427 sDefault._use_sendfile = val;
4430 void lp_set_mangling_method(const char *new_method)
4432 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4435 /*******************************************************************
4436 Global state for POSIX pathname processing.
4437 ********************************************************************/
4439 static bool posix_pathnames;
4441 bool lp_posix_pathnames(void)
4443 return posix_pathnames;
4446 /*******************************************************************
4447 Change everything needed to ensure POSIX pathname processing (currently
4449 ********************************************************************/
4451 void lp_set_posix_pathnames(void)
4453 posix_pathnames = true;
4456 /*******************************************************************
4457 Global state for POSIX lock processing - CIFS unix extensions.
4458 ********************************************************************/
4460 bool posix_default_lock_was_set;
4461 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4463 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4465 if (posix_default_lock_was_set) {
4466 return posix_cifsx_locktype;
4468 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4469 POSIX_LOCK : WINDOWS_LOCK;
4473 /*******************************************************************
4474 ********************************************************************/
4476 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4478 posix_default_lock_was_set = true;
4479 posix_cifsx_locktype = val;
4482 int lp_min_receive_file_size(void)
4484 int min_receivefile_size = lp_min_receivefile_size();
4486 if (min_receivefile_size < 0) {
4489 return min_receivefile_size;
4492 /*******************************************************************
4493 Safe wide links checks.
4494 This helper function always verify the validity of wide links,
4495 even after a configuration file reload.
4496 ********************************************************************/
4498 void widelinks_warning(int snum)
4500 if (lp_allow_insecure_wide_links()) {
4504 if (lp_unix_extensions() && lp_wide_links(snum)) {
4505 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4506 "These parameters are incompatible. "
4507 "Wide links will be disabled for this share.\n",
4508 lp_servicename(talloc_tos(), snum) ));
4512 bool lp_widelinks(int snum)
4514 /* wide links is always incompatible with unix extensions */
4515 if (lp_unix_extensions()) {
4517 * Unless we have "allow insecure widelinks"
4520 if (!lp_allow_insecure_wide_links()) {
4525 return lp_wide_links(snum);
4528 int lp_server_role(void)
4530 return lp_find_server_role(lp__server_role(),
4532 lp__domain_logons(),
4533 lp_domain_master_true_or_auto());
4536 int lp_security(void)
4538 return lp_find_security(lp__server_role(),
4542 int lp_client_max_protocol(void)
4544 int client_max_protocol = lp__client_max_protocol();
4545 if (client_max_protocol == PROTOCOL_DEFAULT) {
4546 return PROTOCOL_LATEST;
4548 return client_max_protocol;
4551 int lp_client_ipc_min_protocol(void)
4553 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4554 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4555 client_ipc_min_protocol = lp_client_min_protocol();
4557 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4558 return PROTOCOL_NT1;
4560 return client_ipc_min_protocol;
4563 int lp_client_ipc_max_protocol(void)
4565 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4566 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4567 return PROTOCOL_LATEST;
4569 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4570 return PROTOCOL_NT1;
4572 return client_ipc_max_protocol;
4575 int lp_client_ipc_signing(void)
4577 int client_ipc_signing = lp__client_ipc_signing();
4578 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4579 return SMB_SIGNING_REQUIRED;
4581 return client_ipc_signing;
4584 int lp_rpc_low_port(void)
4586 return Globals.rpc_low_port;
4589 int lp_rpc_high_port(void)
4591 return Globals.rpc_high_port;
4594 struct loadparm_global * get_globals(void)
4599 unsigned int * get_flags(void)
4601 if (flags_list == NULL) {
4602 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / samba.git / blob