2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .use_client_driver = false,
226 .default_devmode = true,
227 .force_printername = false,
228 .nt_acl_support = true,
229 .force_unknown_acl_user = false,
230 ._use_sendfile = false,
231 .profile_acls = false,
232 .map_acl_inherit = false,
235 .acl_check_permissions = true,
236 .acl_map_full_control = true,
237 .acl_group_control = false,
238 .acl_allow_execute_always = false,
239 .change_notify = true,
240 .kernel_change_notify = true,
241 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
244 .map_readonly = MAP_READONLY_YES,
245 .directory_name_cache_size = 100,
246 .smb_encrypt = SMB_SIGNING_DEFAULT,
247 .kernel_share_modes = true,
248 .durable_handles = true,
253 /* local variables */
254 static struct loadparm_service **ServicePtrs = NULL;
255 static int iNumServices = 0;
256 static int iServiceIndex = 0;
257 static struct db_context *ServiceHash;
258 static bool bInGlobalSection = true;
259 static bool bGlobalOnly = false;
260 static struct file_lists *file_lists = NULL;
261 static unsigned int *flags_list = NULL;
263 static void set_allowed_client_auth(void);
265 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
266 static void free_param_opts(struct parmlist_entry **popts);
269 * Function to return the default value for the maximum number of open
270 * file descriptors permitted. This function tries to consult the
271 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
272 * the smaller of those.
274 static int max_open_files(void)
276 int sysctl_max = MAX_OPEN_FILES;
277 int rlimit_max = MAX_OPEN_FILES;
279 #ifdef HAVE_SYSCTLBYNAME
281 size_t size = sizeof(sysctl_max);
282 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
287 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
293 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
294 rlimit_max = rl.rlim_cur;
296 #if defined(RLIM_INFINITY)
297 if(rl.rlim_cur == RLIM_INFINITY)
298 rlimit_max = MAX_OPEN_FILES;
303 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
304 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
305 "minimum Windows limit (%d)\n",
307 MIN_OPEN_FILES_WINDOWS));
308 sysctl_max = MIN_OPEN_FILES_WINDOWS;
311 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
312 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
313 "minimum Windows limit (%d)\n",
315 MIN_OPEN_FILES_WINDOWS));
316 rlimit_max = MIN_OPEN_FILES_WINDOWS;
319 return MIN(sysctl_max, rlimit_max);
323 * Common part of freeing allocated data for one parameter.
325 static void free_one_parameter_common(void *parm_ptr,
326 struct parm_struct parm)
328 if ((parm.type == P_STRING) ||
329 (parm.type == P_USTRING))
331 lpcfg_string_free((char**)parm_ptr);
332 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
333 TALLOC_FREE(*((char***)parm_ptr));
338 * Free the allocated data for one parameter for a share
339 * given as a service struct.
341 static void free_one_parameter(struct loadparm_service *service,
342 struct parm_struct parm)
346 if (parm.p_class != P_LOCAL) {
350 parm_ptr = lp_parm_ptr(service, &parm);
352 free_one_parameter_common(parm_ptr, parm);
356 * Free the allocated parameter data of a share given
357 * as a service struct.
359 static void free_parameters(struct loadparm_service *service)
363 for (i=0; parm_table[i].label; i++) {
364 free_one_parameter(service, parm_table[i]);
369 * Free the allocated data for one parameter for a given share
370 * specified by an snum.
372 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
377 parm_ptr = lp_parm_ptr(NULL, &parm);
378 } else if (parm.p_class != P_LOCAL) {
381 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
384 free_one_parameter_common(parm_ptr, parm);
388 * Free the allocated parameter data for a share specified
391 static void free_parameters_by_snum(int snum)
395 for (i=0; parm_table[i].label; i++) {
396 free_one_parameter_by_snum(snum, parm_table[i]);
401 * Free the allocated global parameters.
403 static void free_global_parameters(void)
405 free_param_opts(&Globals.param_opt);
406 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
407 TALLOC_FREE(Globals.ctx);
410 struct lp_stored_option {
411 struct lp_stored_option *prev, *next;
416 static struct lp_stored_option *stored_options;
419 save options set by lp_set_cmdline() into a list. This list is
420 re-applied when we do a globals reset, so that cmdline set options
421 are sticky across reloads of smb.conf
423 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
425 struct lp_stored_option *entry, *entry_next;
426 for (entry = stored_options; entry != NULL; entry = entry_next) {
427 entry_next = entry->next;
428 if (strcmp(pszParmName, entry->label) == 0) {
429 DLIST_REMOVE(stored_options, entry);
435 entry = talloc(NULL, struct lp_stored_option);
440 entry->label = talloc_strdup(entry, pszParmName);
446 entry->value = talloc_strdup(entry, pszParmValue);
452 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
457 static bool apply_lp_set_cmdline(void)
459 struct lp_stored_option *entry = NULL;
460 for (entry = stored_options; entry != NULL; entry = entry->next) {
461 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
462 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
463 entry->label, entry->value));
470 /***************************************************************************
471 Initialise the global parameter structure.
472 ***************************************************************************/
474 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
476 static bool done_init = false;
480 /* If requested to initialize only once and we've already done it... */
481 if (!reinit_globals && done_init) {
482 /* ... then we have nothing more to do */
487 /* The logfile can be set before this is invoked. Free it if so. */
488 lpcfg_string_free(&Globals.logfile);
491 free_global_parameters();
494 /* This memset and the free_global_parameters() above will
495 * wipe out smb.conf options set with lp_set_cmdline(). The
496 * apply_lp_set_cmdline() call puts these values back in the
497 * table once the defaults are set */
498 ZERO_STRUCT(Globals);
500 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
502 /* Initialize the flags list if necessary */
503 if (flags_list == NULL) {
507 for (i = 0; parm_table[i].label; i++) {
508 if ((parm_table[i].type == P_STRING ||
509 parm_table[i].type == P_USTRING))
513 (char **)lp_parm_ptr(NULL, &parm_table[i]),
519 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
520 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
522 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
524 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
526 DEBUG(3, ("Initialising global parameters\n"));
528 /* Must manually force to upper case here, as this does not go via the handler */
529 lpcfg_string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
531 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
532 get_dyn_SMB_PASSWD_FILE());
533 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
534 get_dyn_PRIVATE_DIR());
536 /* use the new 'hash2' method by default, with a prefix of 1 */
537 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
538 Globals.mangle_prefix = 1;
540 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
542 /* using UTF8 by default allows us to support all chars */
543 lpcfg_string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
545 /* Use codepage 850 as a default for the dos character set */
546 lpcfg_string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
549 * Allow the default PASSWD_CHAT to be overridden in local.h.
551 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
553 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
555 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
556 lpcfg_string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
557 lpcfg_string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
558 lpcfg_string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
559 lpcfg_string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
560 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
562 * By default support explicit binding to broadcast
565 Globals.nmbd_bind_explicit_broadcast = true;
567 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
569 smb_panic("init_globals: ENOMEM");
571 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
574 lpcfg_string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
577 lpcfg_string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
579 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
580 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
581 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
582 lpcfg_string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
584 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
585 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
587 Globals.algorithmic_rid_base = BASE_RID;
589 Globals.load_printers = true;
590 Globals.printcap_cache_time = 750; /* 12.5 minutes */
592 Globals.config_backend = config_backend;
593 Globals._server_role = ROLE_AUTO;
595 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
596 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
597 Globals.max_xmit = 0x4104;
598 Globals.max_mux = 50; /* This is *needed* for profile support. */
599 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
600 Globals._disable_spoolss = false;
601 Globals.max_smbd_processes = 0;/* no limit specified */
602 Globals.username_level = 0;
603 Globals.deadtime = 0;
604 Globals.getwd_cache = true;
605 Globals.large_readwrite = true;
606 Globals.max_log_size = 5000;
607 Globals.max_open_files = max_open_files();
608 Globals.server_max_protocol = PROTOCOL_SMB3_00;
609 Globals.server_min_protocol = PROTOCOL_LANMAN1;
610 Globals._client_max_protocol = PROTOCOL_DEFAULT;
611 Globals.client_min_protocol = PROTOCOL_CORE;
612 Globals._security = SEC_AUTO;
613 Globals.encrypt_passwords = true;
614 Globals.client_schannel = Auto;
615 Globals.winbind_sealed_pipes = true;
616 Globals.require_strong_key = true;
617 Globals.server_schannel = Auto;
618 Globals.read_raw = true;
619 Globals.write_raw = true;
620 Globals.null_passwords = false;
621 Globals.old_password_allowed_period = 60;
622 Globals.obey_pam_restrictions = false;
624 Globals.syslog_only = false;
625 Globals.timestamp_logs = true;
626 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
627 Globals.debug_prefix_timestamp = false;
628 Globals.debug_hires_timestamp = true;
629 Globals.debug_pid = false;
630 Globals.debug_uid = false;
631 Globals.debug_class = false;
632 Globals.enable_core_files = true;
633 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
634 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
635 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
636 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
637 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
638 Globals.lm_interval = 60;
639 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
640 Globals.nis_homedir = false;
641 #ifdef WITH_NISPLUS_HOME
642 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
643 "auto_home.org_dir");
645 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
648 Globals.time_server = false;
649 Globals.bind_interfaces_only = false;
650 Globals.unix_password_sync = false;
651 Globals.pam_password_change = false;
652 Globals.passwd_chat_debug = false;
653 Globals.passwd_chat_timeout = 2; /* 2 second default. */
654 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
655 Globals.nt_status_support = true; /* Use NT status by default. */
656 Globals.stat_cache = true; /* use stat cache by default */
657 Globals.max_stat_cache_size = 256; /* 256k by default */
658 Globals.restrict_anonymous = 0;
659 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
660 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
661 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
662 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
663 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
664 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
665 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
667 Globals.map_to_guest = 0; /* By Default, "Never" */
668 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
669 Globals.enhanced_browsing = true;
670 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
671 #ifdef MMAP_BLACKLIST
672 Globals.use_mmap = false;
674 Globals.use_mmap = true;
676 Globals.unicode = true;
677 Globals.unix_extensions = true;
678 Globals.reset_on_zero_vc = false;
679 Globals.log_writeable_files_on_exit = false;
680 Globals.create_krb5_conf = true;
681 Globals.winbindMaxDomainConnections = 1;
683 /* hostname lookups can be very expensive and are broken on
684 a large number of sites (tridge) */
685 Globals.hostname_lookups = false;
687 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
688 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
689 lpcfg_string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
690 lpcfg_string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
691 lpcfg_string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
692 lpcfg_string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
694 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
695 Globals.ldap_ssl = LDAP_SSL_START_TLS;
696 Globals.ldap_ssl_ads = false;
697 Globals.ldap_deref = -1;
698 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
699 Globals.ldap_delete_dn = false;
700 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
701 Globals.ldap_follow_referral = Auto;
702 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
703 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
704 Globals.ldap_page_size = LDAP_PAGE_SIZE;
706 Globals.ldap_debug_level = 0;
707 Globals.ldap_debug_threshold = 10;
709 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
711 Globals.ldap_server_require_strong_auth =
712 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
714 /* This is what we tell the afs client. in reality we set the token
715 * to never expire, though, when this runs out the afs client will
716 * forget the token. Set to 0 to get NEVERDATE.*/
717 Globals.afs_token_lifetime = 604800;
718 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
720 /* these parameters are set to defaults that are more appropriate
721 for the increasing samba install base:
723 as a member of the workgroup, that will possibly become a
724 _local_ master browser (lm = true). this is opposed to a forced
725 local master browser startup (pm = true).
727 doesn't provide WINS server service by default (wsupp = false),
728 and doesn't provide domain master browser services by default, either.
732 Globals.show_add_printer_wizard = true;
733 Globals.os_level = 20;
734 Globals.local_master = true;
735 Globals._domain_master = Auto; /* depending on _domain_logons */
736 Globals._domain_logons = false;
737 Globals.browse_list = true;
738 Globals.we_are_a_wins_server = false;
739 Globals.wins_proxy = false;
741 TALLOC_FREE(Globals.init_logon_delayed_hosts);
742 Globals.init_logon_delay = 100; /* 100 ms default delay */
744 Globals.wins_dns_proxy = true;
746 Globals.allow_trusted_domains = true;
747 lpcfg_string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
749 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
750 lpcfg_string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
751 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
752 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
754 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
755 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
757 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
759 Globals.cluster_addresses = NULL;
760 Globals.clustering = false;
761 Globals.ctdb_timeout = 0;
762 Globals.ctdb_locktime_warn_threshold = 0;
764 Globals.winbind_cache_time = 300; /* 5 minutes */
765 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
766 Globals.winbind_request_timeout = 60; /* 60 seconds */
767 Globals.winbind_max_clients = 200;
768 Globals.winbind_enum_users = false;
769 Globals.winbind_enum_groups = false;
770 Globals.winbind_use_default_domain = false;
771 Globals.winbind_trusted_domains_only = false;
772 Globals.winbind_nested_groups = true;
773 Globals.winbind_expand_groups = 0;
774 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
775 Globals.winbind_refresh_tickets = false;
776 Globals.winbind_offline_logon = false;
778 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
779 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
781 Globals.passdb_expand_explicit = false;
783 Globals.name_cache_timeout = 660; /* In seconds */
785 Globals.use_spnego = true;
786 Globals.client_use_spnego = true;
788 Globals.client_signing = SMB_SIGNING_DEFAULT;
789 Globals.server_signing = SMB_SIGNING_DEFAULT;
791 Globals.defer_sharing_violations = true;
792 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
794 Globals.enable_privileges = true;
795 Globals.host_msdfs = true;
796 Globals.enable_asu_support = false;
798 /* User defined shares. */
799 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
801 smb_panic("init_globals: ENOMEM");
803 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
805 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
806 Globals.usershare_max_shares = 0;
807 /* By default disallow sharing of directories not owned by the sharer. */
808 Globals.usershare_owner_only = true;
809 /* By default disallow guest access to usershares. */
810 Globals.usershare_allow_guests = false;
812 Globals.keepalive = DEFAULT_KEEPALIVE;
814 /* By default no shares out of the registry */
815 Globals.registry_shares = false;
817 Globals.iminreceivefile = 0;
819 Globals.map_untrusted_to_domain = false;
820 Globals.multicast_dns_register = true;
822 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
823 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
824 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
825 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
826 Globals.smb2_leases = false;
828 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
829 get_dyn_NCALRPCDIR());
831 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
833 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
835 Globals.tls_enabled = true;
837 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
838 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
839 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
840 lpcfg_string_set(Globals.ctx, &Globals.tls_priority, "NORMAL:-VERS-SSL3.0");
842 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
844 Globals.iPreferredMaster = Auto;
846 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
848 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
850 lpcfg_string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
852 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
854 smb_panic("init_globals: ENOMEM");
856 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
859 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
861 smb_panic("init_globals: ENOMEM");
863 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
866 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
868 smb_panic("init_globals: ENOMEM");
870 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
873 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
875 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
877 Globals.cldap_port = 389;
879 Globals.dgram_port = 138;
881 Globals.nbt_port = 137;
883 Globals.krb5_port = 88;
885 Globals.kpasswd_port = 464;
887 Globals.web_port = 901;
889 /* Now put back the settings that were set with lp_set_cmdline() */
890 apply_lp_set_cmdline();
893 /* Convenience routine to setup an lp_context with additional s3 variables */
894 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
896 struct loadparm_context *lp_ctx;
898 lp_ctx = loadparm_init_s3(mem_ctx,
899 loadparm_s3_helpers());
900 if (lp_ctx == NULL) {
901 DEBUG(0, ("loadparm_init_s3 failed\n"));
905 lp_ctx->sDefault = &sDefault;
906 lp_ctx->services = NULL; /* We do not want to access this directly */
907 lp_ctx->bInGlobalSection = bInGlobalSection;
908 lp_ctx->flags = flags_list;
913 /*******************************************************************
914 Convenience routine to grab string parameters into talloced memory
915 and run standard_sub_basic on them. The buffers can be written to by
916 callers without affecting the source string.
917 ********************************************************************/
919 char *lp_string(TALLOC_CTX *ctx, const char *s)
923 /* The follow debug is useful for tracking down memory problems
924 especially if you have an inner loop that is calling a lp_*()
925 function that returns a string. Perhaps this debug should be
926 present all the time? */
929 DEBUG(10, ("lp_string(%s)\n", s));
935 ret = talloc_sub_basic(ctx,
936 get_current_username(),
937 current_user_info.domain,
939 if (trim_char(ret, '\"', '\"')) {
940 if (strchr(ret,'\"') != NULL) {
942 ret = talloc_sub_basic(ctx,
943 get_current_username(),
944 current_user_info.domain,
952 In this section all the functions that are used to access the
953 parameters from the rest of the program are defined
956 #define FN_GLOBAL_STRING(fn_name,ptr) \
957 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
958 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
959 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
960 #define FN_GLOBAL_LIST(fn_name,ptr) \
961 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
962 #define FN_GLOBAL_BOOL(fn_name,ptr) \
963 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
964 #define FN_GLOBAL_CHAR(fn_name,ptr) \
965 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
966 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
967 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
969 #define FN_LOCAL_STRING(fn_name,val) \
970 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
971 #define FN_LOCAL_CONST_STRING(fn_name,val) \
972 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
973 #define FN_LOCAL_LIST(fn_name,val) \
974 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
975 #define FN_LOCAL_BOOL(fn_name,val) \
976 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
977 #define FN_LOCAL_INTEGER(fn_name,val) \
978 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
980 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
981 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
982 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
983 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
984 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
985 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
987 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
988 winbindMaxDomainConnections)
990 int lp_winbind_max_domain_connections(void)
992 if (lp_winbind_offline_logon() &&
993 lp_winbind_max_domain_connections_int() > 1) {
994 DEBUG(1, ("offline logons active, restricting max domain "
995 "connections to 1\n"));
998 return MAX(1, lp_winbind_max_domain_connections_int());
1001 int lp_smb2_max_credits(void)
1003 if (Globals.ismb2_max_credits == 0) {
1004 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1006 return Globals.ismb2_max_credits;
1008 int lp_cups_encrypt(void)
1011 #ifdef HAVE_HTTPCONNECTENCRYPT
1012 switch (Globals.CupsEncrypt) {
1014 result = HTTP_ENCRYPT_REQUIRED;
1017 result = HTTP_ENCRYPT_ALWAYS;
1020 result = HTTP_ENCRYPT_NEVER;
1027 /* These functions remain in source3/param for now */
1029 #include "lib/param/param_functions.c"
1031 FN_LOCAL_STRING(servicename, szService)
1032 FN_LOCAL_CONST_STRING(const_servicename, szService)
1034 /* These functions cannot be auto-generated */
1035 FN_LOCAL_BOOL(autoloaded, autoloaded)
1036 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1038 /* local prototypes */
1040 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1041 static const char *get_boolean(bool bool_value);
1042 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1044 static bool hash_a_service(const char *name, int number);
1045 static void free_service_byindex(int iService);
1046 static void show_parameter(int parmIndex);
1047 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1050 * This is a helper function for parametrical options support. It returns a
1051 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1052 * parametrical functions are quite simple
1054 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1057 if (snum >= iNumServices) return NULL;
1060 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1062 return get_parametric_helper(ServicePtrs[snum],
1063 type, option, Globals.param_opt);
1068 #define MISSING_PARAMETER(name) \
1069 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1071 /*******************************************************************
1072 convenience routine to return enum parameters.
1073 ********************************************************************/
1074 static int lp_enum(const char *s,const struct enum_list *_enum)
1078 if (!s || !*s || !_enum) {
1079 MISSING_PARAMETER(lp_enum);
1083 for (i=0; _enum[i].name; i++) {
1084 if (strequal(_enum[i].name,s))
1085 return _enum[i].value;
1088 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1092 #undef MISSING_PARAMETER
1094 /* Return parametric option from a given service. Type is a part of option before ':' */
1095 /* Parametric option has following syntax: 'Type: option = value' */
1096 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1098 struct parmlist_entry *data = get_parametrics(snum, type, option);
1100 if (data == NULL||data->value==NULL) {
1102 return lp_string(ctx, def);
1108 return lp_string(ctx, data->value);
1111 /* Return parametric option from a given service. Type is a part of option before ':' */
1112 /* Parametric option has following syntax: 'Type: option = value' */
1113 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1115 struct parmlist_entry *data = get_parametrics(snum, type, option);
1117 if (data == NULL||data->value==NULL)
1124 /* Return parametric option from a given service. Type is a part of option before ':' */
1125 /* Parametric option has following syntax: 'Type: option = value' */
1127 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1129 struct parmlist_entry *data = get_parametrics(snum, type, option);
1131 if (data == NULL||data->value==NULL)
1132 return (const char **)def;
1134 if (data->list==NULL) {
1135 data->list = str_list_make_v3(NULL, data->value, NULL);
1138 return (const char **)data->list;
1141 /* Return parametric option from a given service. Type is a part of option before ':' */
1142 /* Parametric option has following syntax: 'Type: option = value' */
1144 int lp_parm_int(int snum, const char *type, const char *option, int def)
1146 struct parmlist_entry *data = get_parametrics(snum, type, option);
1148 if (data && data->value && *data->value)
1149 return lp_int(data->value);
1154 /* Return parametric option from a given service. Type is a part of option before ':' */
1155 /* Parametric option has following syntax: 'Type: option = value' */
1157 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1159 struct parmlist_entry *data = get_parametrics(snum, type, option);
1161 if (data && data->value && *data->value)
1162 return lp_ulong(data->value);
1167 /* Return parametric option from a given service. Type is a part of option before ':' */
1168 /* Parametric option has following syntax: 'Type: option = value' */
1170 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1172 struct parmlist_entry *data = get_parametrics(snum, type, option);
1174 if (data && data->value && *data->value)
1175 return lp_bool(data->value);
1180 /* Return parametric option from a given service. Type is a part of option before ':' */
1181 /* Parametric option has following syntax: 'Type: option = value' */
1183 int lp_parm_enum(int snum, const char *type, const char *option,
1184 const struct enum_list *_enum, int def)
1186 struct parmlist_entry *data = get_parametrics(snum, type, option);
1188 if (data && data->value && *data->value && _enum)
1189 return lp_enum(data->value, _enum);
1195 * free a param_opts structure.
1196 * param_opts handling should be moved to talloc;
1197 * then this whole functions reduces to a TALLOC_FREE().
1200 static void free_param_opts(struct parmlist_entry **popts)
1202 struct parmlist_entry *opt, *next_opt;
1204 if (*popts != NULL) {
1205 DEBUG(5, ("Freeing parametrics:\n"));
1208 while (opt != NULL) {
1209 lpcfg_string_free(&opt->key);
1210 lpcfg_string_free(&opt->value);
1211 TALLOC_FREE(opt->list);
1212 next_opt = opt->next;
1219 /***************************************************************************
1220 Free the dynamically allocated parts of a service struct.
1221 ***************************************************************************/
1223 static void free_service(struct loadparm_service *pservice)
1228 if (pservice->szService)
1229 DEBUG(5, ("free_service: Freeing service %s\n",
1230 pservice->szService));
1232 free_parameters(pservice);
1234 lpcfg_string_free(&pservice->szService);
1235 TALLOC_FREE(pservice->copymap);
1237 free_param_opts(&pservice->param_opt);
1239 ZERO_STRUCTP(pservice);
1243 /***************************************************************************
1244 remove a service indexed in the ServicePtrs array from the ServiceHash
1245 and free the dynamically allocated parts
1246 ***************************************************************************/
1248 static void free_service_byindex(int idx)
1250 if ( !LP_SNUM_OK(idx) )
1253 ServicePtrs[idx]->valid = false;
1255 /* we have to cleanup the hash record */
1257 if (ServicePtrs[idx]->szService) {
1258 char *canon_name = canonicalize_servicename(
1260 ServicePtrs[idx]->szService );
1262 dbwrap_delete_bystring(ServiceHash, canon_name );
1263 TALLOC_FREE(canon_name);
1266 free_service(ServicePtrs[idx]);
1267 talloc_free_children(ServicePtrs[idx]);
1270 /***************************************************************************
1271 Add a new service to the services array initialising it with the given
1273 ***************************************************************************/
1275 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1278 int num_to_alloc = iNumServices + 1;
1279 struct loadparm_service **tsp = NULL;
1281 /* it might already exist */
1283 i = getservicebyname(name, NULL);
1289 /* if not, then create one */
1291 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1293 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1297 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1298 if (!ServicePtrs[iNumServices]) {
1299 DEBUG(0,("add_a_service: out of memory!\n"));
1304 ServicePtrs[i]->valid = true;
1306 copy_service(ServicePtrs[i], pservice, NULL);
1308 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1311 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1312 i, ServicePtrs[i]->szService));
1314 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1321 /***************************************************************************
1322 Convert a string to uppercase and remove whitespaces.
1323 ***************************************************************************/
1325 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1330 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1334 result = talloc_strdup(ctx, src);
1335 SMB_ASSERT(result != NULL);
1337 if (!strlower_m(result)) {
1338 TALLOC_FREE(result);
1344 /***************************************************************************
1345 Add a name/index pair for the services array to the hash table.
1346 ***************************************************************************/
1348 static bool hash_a_service(const char *name, int idx)
1352 if ( !ServiceHash ) {
1353 DEBUG(10,("hash_a_service: creating servicehash\n"));
1354 ServiceHash = db_open_rbt(NULL);
1355 if ( !ServiceHash ) {
1356 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1361 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1364 canon_name = canonicalize_servicename(talloc_tos(), name );
1366 dbwrap_store_bystring(ServiceHash, canon_name,
1367 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1370 TALLOC_FREE(canon_name);
1375 /***************************************************************************
1376 Add a new home service, with the specified home directory, defaults coming
1378 ***************************************************************************/
1380 bool lp_add_home(const char *pszHomename, int iDefaultService,
1381 const char *user, const char *pszHomedir)
1385 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1386 pszHomedir[0] == '\0') {
1390 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1395 if (!(*(ServicePtrs[iDefaultService]->path))
1396 || strequal(ServicePtrs[iDefaultService]->path,
1397 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1398 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1402 if (!(*(ServicePtrs[i]->comment))) {
1403 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1404 if (comment == NULL) {
1407 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1409 TALLOC_FREE(comment);
1412 /* set the browseable flag from the global default */
1414 ServicePtrs[i]->browseable = sDefault.browseable;
1415 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1417 ServicePtrs[i]->autoloaded = true;
1419 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1420 user, ServicePtrs[i]->path ));
1425 /***************************************************************************
1426 Add a new service, based on an old one.
1427 ***************************************************************************/
1429 int lp_add_service(const char *pszService, int iDefaultService)
1431 if (iDefaultService < 0) {
1432 return add_a_service(&sDefault, pszService);
1435 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1438 /***************************************************************************
1439 Add the IPC service.
1440 ***************************************************************************/
1442 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1444 char *comment = NULL;
1445 int i = add_a_service(&sDefault, ipc_name);
1450 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1451 Globals.server_string);
1452 if (comment == NULL) {
1456 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1457 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1458 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1459 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1460 ServicePtrs[i]->max_connections = 0;
1461 ServicePtrs[i]->bAvailable = true;
1462 ServicePtrs[i]->read_only = true;
1463 ServicePtrs[i]->guest_only = false;
1464 ServicePtrs[i]->administrative_share = true;
1465 ServicePtrs[i]->guest_ok = guest_ok;
1466 ServicePtrs[i]->printable = false;
1467 ServicePtrs[i]->browseable = sDefault.browseable;
1469 DEBUG(3, ("adding IPC service\n"));
1471 TALLOC_FREE(comment);
1475 /***************************************************************************
1476 Add a new printer service, with defaults coming from service iFrom.
1477 ***************************************************************************/
1479 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1481 const char *comment = "From Printcap";
1482 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1487 /* note that we do NOT default the availability flag to true - */
1488 /* we take it from the default service passed. This allows all */
1489 /* dynamic printers to be disabled by disabling the [printers] */
1490 /* entry (if/when the 'available' keyword is implemented!). */
1492 /* the printer name is set to the service name. */
1493 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1495 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1497 /* set the browseable flag from the gloabl default */
1498 ServicePtrs[i]->browseable = sDefault.browseable;
1500 /* Printers cannot be read_only. */
1501 ServicePtrs[i]->read_only = false;
1502 /* No oplocks on printer services. */
1503 ServicePtrs[i]->oplocks = false;
1504 /* Printer services must be printable. */
1505 ServicePtrs[i]->printable = true;
1507 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1513 /***************************************************************************
1514 Check whether the given parameter name is valid.
1515 Parametric options (names containing a colon) are considered valid.
1516 ***************************************************************************/
1518 bool lp_parameter_is_valid(const char *pszParmName)
1520 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1521 (strchr(pszParmName, ':') != NULL));
1524 /***************************************************************************
1525 Check whether the given name is the name of a global parameter.
1526 Returns true for strings belonging to parameters of class
1527 P_GLOBAL, false for all other strings, also for parametric options
1528 and strings not belonging to any option.
1529 ***************************************************************************/
1531 bool lp_parameter_is_global(const char *pszParmName)
1533 int num = lpcfg_map_parameter(pszParmName);
1536 return (parm_table[num].p_class == P_GLOBAL);
1542 /**************************************************************************
1543 Check whether the given name is the canonical name of a parameter.
1544 Returns false if it is not a valid parameter Name.
1545 For parametric options, true is returned.
1546 **************************************************************************/
1548 bool lp_parameter_is_canonical(const char *parm_name)
1550 if (!lp_parameter_is_valid(parm_name)) {
1554 return (lpcfg_map_parameter(parm_name) ==
1555 map_parameter_canonical(parm_name, NULL));
1558 /**************************************************************************
1559 Determine the canonical name for a parameter.
1560 Indicate when it is an inverse (boolean) synonym instead of a
1562 **************************************************************************/
1564 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1569 if (!lp_parameter_is_valid(parm_name)) {
1574 num = map_parameter_canonical(parm_name, inverse);
1576 /* parametric option */
1577 *canon_parm = parm_name;
1579 *canon_parm = parm_table[num].label;
1586 /**************************************************************************
1587 Determine the canonical name for a parameter.
1588 Turn the value given into the inverse boolean expression when
1589 the synonym is an invers boolean synonym.
1591 Return true if parm_name is a valid parameter name and
1592 in case it is an invers boolean synonym, if the val string could
1593 successfully be converted to the reverse bool.
1594 Return false in all other cases.
1595 **************************************************************************/
1597 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1599 const char **canon_parm,
1600 const char **canon_val)
1605 if (!lp_parameter_is_valid(parm_name)) {
1611 num = map_parameter_canonical(parm_name, &inverse);
1613 /* parametric option */
1614 *canon_parm = parm_name;
1617 *canon_parm = parm_table[num].label;
1619 if (!lp_invert_boolean(val, canon_val)) {
1631 /***************************************************************************
1632 Map a parameter's string representation to the index of the canonical
1633 form of the parameter (it might be a synonym).
1634 Returns -1 if the parameter string is not recognised.
1635 ***************************************************************************/
1637 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1639 int parm_num, canon_num;
1640 bool loc_inverse = false;
1642 parm_num = lpcfg_map_parameter(pszParmName);
1643 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1644 /* invalid, parametric or no canidate for synonyms ... */
1648 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1649 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1650 parm_num = canon_num;
1656 if (inverse != NULL) {
1657 *inverse = loc_inverse;
1662 /***************************************************************************
1663 return true if parameter number parm1 is a synonym of parameter
1664 number parm2 (parm2 being the principal name).
1665 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1667 ***************************************************************************/
1669 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1671 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1672 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1673 (parm_table[parm1].flags & FLAG_HIDE) &&
1674 !(parm_table[parm2].flags & FLAG_HIDE))
1676 if (inverse != NULL) {
1677 if ((parm_table[parm1].type == P_BOOLREV) &&
1678 (parm_table[parm2].type == P_BOOL))
1690 /***************************************************************************
1691 Show one parameter's name, type, [values,] and flags.
1692 (helper functions for show_parameter_list)
1693 ***************************************************************************/
1695 static void show_parameter(int parmIndex)
1697 int enumIndex, flagIndex;
1702 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1703 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1704 "P_ENUM", "P_BYTES", "P_CMDLIST", "P_SEP" };
1705 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1706 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1708 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1709 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1710 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1712 printf("%s=%s", parm_table[parmIndex].label,
1713 type[parm_table[parmIndex].type]);
1714 if (parm_table[parmIndex].type == P_ENUM) {
1717 parm_table[parmIndex].enum_list[enumIndex].name;
1721 enumIndex ? "|" : "",
1722 parm_table[parmIndex].enum_list[enumIndex].name);
1727 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1728 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1731 flag_names[flagIndex]);
1736 /* output synonyms */
1738 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1739 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1740 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1741 parm_table[parmIndex2].label);
1742 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1744 printf(" (synonyms: ");
1749 printf("%s%s", parm_table[parmIndex2].label,
1750 inverse ? "[i]" : "");
1760 /***************************************************************************
1761 Show all parameter's name, type, [values,] and flags.
1762 ***************************************************************************/
1764 void show_parameter_list(void)
1766 int classIndex, parmIndex;
1767 const char *section_names[] = { "local", "global", NULL};
1769 for (classIndex=0; section_names[classIndex]; classIndex++) {
1770 printf("[%s]\n", section_names[classIndex]);
1771 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1772 if (parm_table[parmIndex].p_class == classIndex) {
1773 show_parameter(parmIndex);
1779 /***************************************************************************
1780 Get the standard string representation of a boolean value ("yes" or "no")
1781 ***************************************************************************/
1783 static const char *get_boolean(bool bool_value)
1785 static const char *yes_str = "yes";
1786 static const char *no_str = "no";
1788 return (bool_value ? yes_str : no_str);
1791 /***************************************************************************
1792 Provide the string of the negated boolean value associated to the boolean
1793 given as a string. Returns false if the passed string does not correctly
1794 represent a boolean.
1795 ***************************************************************************/
1797 bool lp_invert_boolean(const char *str, const char **inverse_str)
1801 if (!set_boolean(str, &val)) {
1805 *inverse_str = get_boolean(!val);
1809 /***************************************************************************
1810 Provide the canonical string representation of a boolean value given
1811 as a string. Return true on success, false if the string given does
1812 not correctly represent a boolean.
1813 ***************************************************************************/
1815 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1819 if (!set_boolean(str, &val)) {
1823 *canon_str = get_boolean(val);
1827 /***************************************************************************
1828 Find a service by name. Otherwise works like get_service.
1829 ***************************************************************************/
1831 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1838 if (ServiceHash == NULL) {
1842 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1844 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1847 if (NT_STATUS_IS_OK(status) &&
1848 (data.dptr != NULL) &&
1849 (data.dsize == sizeof(iService)))
1851 iService = *(int *)data.dptr;
1854 TALLOC_FREE(canon_name);
1856 if ((iService != -1) && (LP_SNUM_OK(iService))
1857 && (pserviceDest != NULL)) {
1858 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1864 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1865 struct loadparm_service *lp_service(const char *pszServiceName)
1867 int iService = getservicebyname(pszServiceName, NULL);
1868 if (iService == -1 || !LP_SNUM_OK(iService)) {
1871 return ServicePtrs[iService];
1874 struct loadparm_service *lp_servicebynum(int snum)
1876 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1879 return ServicePtrs[snum];
1882 struct loadparm_service *lp_default_loadparm_service()
1887 static struct smbconf_ctx *lp_smbconf_ctx(void)
1890 static struct smbconf_ctx *conf_ctx = NULL;
1892 if (conf_ctx == NULL) {
1893 err = smbconf_init(NULL, &conf_ctx, "registry:");
1894 if (!SBC_ERROR_IS_OK(err)) {
1895 DEBUG(1, ("error initializing registry configuration: "
1896 "%s\n", sbcErrorString(err)));
1904 static bool process_smbconf_service(struct smbconf_service *service)
1909 if (service == NULL) {
1913 ret = lp_do_section(service->name, NULL);
1917 for (count = 0; count < service->num_params; count++) {
1919 if (!bInGlobalSection && bGlobalOnly) {
1922 const char *pszParmName = service->param_names[count];
1923 const char *pszParmValue = service->param_values[count];
1925 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1927 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1928 pszParmName, pszParmValue);
1935 if (iServiceIndex >= 0) {
1936 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1942 * load a service from registry and activate it
1944 bool process_registry_service(const char *service_name)
1947 struct smbconf_service *service = NULL;
1948 TALLOC_CTX *mem_ctx = talloc_stackframe();
1949 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1952 if (conf_ctx == NULL) {
1956 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1958 if (!smbconf_share_exists(conf_ctx, service_name)) {
1960 * Registry does not contain data for this service (yet),
1961 * but make sure lp_load doesn't return false.
1967 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1968 if (!SBC_ERROR_IS_OK(err)) {
1972 ret = process_smbconf_service(service);
1978 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
1981 TALLOC_FREE(mem_ctx);
1986 * process_registry_globals
1988 static bool process_registry_globals(void)
1992 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
1994 if (!bInGlobalSection && bGlobalOnly) {
1997 const char *pszParmName = "registry shares";
1998 const char *pszParmValue = "yes";
2000 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2002 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2003 pszParmName, pszParmValue);
2010 return process_registry_service(GLOBAL_NAME);
2013 bool process_registry_shares(void)
2017 struct smbconf_service **service = NULL;
2018 uint32_t num_shares = 0;
2019 TALLOC_CTX *mem_ctx = talloc_stackframe();
2020 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2023 if (conf_ctx == NULL) {
2027 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2028 if (!SBC_ERROR_IS_OK(err)) {
2034 for (count = 0; count < num_shares; count++) {
2035 if (strequal(service[count]->name, GLOBAL_NAME)) {
2038 ret = process_smbconf_service(service[count]);
2045 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2048 TALLOC_FREE(mem_ctx);
2053 * reload those shares from registry that are already
2054 * activated in the services array.
2056 static bool reload_registry_shares(void)
2061 for (i = 0; i < iNumServices; i++) {
2066 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2070 ret = process_registry_service(ServicePtrs[i]->szService);
2081 #define MAX_INCLUDE_DEPTH 100
2083 static uint8_t include_depth;
2086 * Free the file lists
2088 static void free_file_list(void)
2090 struct file_lists *f;
2091 struct file_lists *next;
2104 * Utility function for outsiders to check if we're running on registry.
2106 bool lp_config_backend_is_registry(void)
2108 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2112 * Utility function to check if the config backend is FILE.
2114 bool lp_config_backend_is_file(void)
2116 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2119 /*******************************************************************
2120 Check if a config file has changed date.
2121 ********************************************************************/
2123 bool lp_file_list_changed(void)
2125 struct file_lists *f = file_lists;
2127 DEBUG(6, ("lp_file_list_changed()\n"));
2130 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2131 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2133 if (conf_ctx == NULL) {
2136 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2139 DEBUGADD(6, ("registry config changed\n"));
2146 n2 = talloc_sub_basic(talloc_tos(),
2147 get_current_username(),
2148 current_user_info.domain,
2153 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2154 f->name, n2, ctime(&f->modtime)));
2156 mod_time = file_modtime(n2);
2159 ((f->modtime != mod_time) ||
2160 (f->subfname == NULL) ||
2161 (strcmp(n2, f->subfname) != 0)))
2164 ("file %s modified: %s\n", n2,
2166 f->modtime = mod_time;
2167 TALLOC_FREE(f->subfname);
2168 f->subfname = talloc_strdup(f, n2);
2169 if (f->subfname == NULL) {
2170 smb_panic("talloc_strdup failed");
2184 * Initialize iconv conversion descriptors.
2186 * This is called the first time it is needed, and also called again
2187 * every time the configuration is reloaded, because the charset or
2188 * codepage might have changed.
2190 static void init_iconv(void)
2192 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2194 true, global_iconv_handle);
2197 /***************************************************************************
2198 Handle the include operation.
2199 ***************************************************************************/
2200 static bool bAllowIncludeRegistry = true;
2202 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2203 const char *pszParmValue, char **ptr)
2207 if (include_depth >= MAX_INCLUDE_DEPTH) {
2208 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2213 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2214 if (!bAllowIncludeRegistry) {
2217 if (lp_ctx->bInGlobalSection) {
2220 ret = process_registry_globals();
2224 DEBUG(1, ("\"include = registry\" only effective "
2225 "in %s section\n", GLOBAL_NAME));
2230 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2231 current_user_info.domain,
2234 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2236 if (service == NULL) {
2237 lpcfg_string_set(Globals.ctx, ptr, fname);
2239 lpcfg_string_set(service, ptr, fname);
2242 if (file_exist(fname)) {
2245 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2251 DEBUG(2, ("Can't find include file %s\n", fname));
2256 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2258 char *config_option = NULL;
2259 const char *range = NULL;
2262 SMB_ASSERT(low != NULL);
2263 SMB_ASSERT(high != NULL);
2265 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2269 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2271 if (config_option == NULL) {
2272 DEBUG(0, ("out of memory\n"));
2276 range = lp_parm_const_string(-1, config_option, "range", NULL);
2277 if (range == NULL) {
2278 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2282 if (sscanf(range, "%u - %u", low, high) != 2) {
2283 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2284 range, domain_name));
2291 talloc_free(config_option);
2296 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2298 return lp_idmap_range("*", low, high);
2301 const char *lp_idmap_backend(const char *domain_name)
2303 char *config_option = NULL;
2304 const char *backend = NULL;
2306 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2310 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2312 if (config_option == NULL) {
2313 DEBUG(0, ("out of memory\n"));
2317 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2318 if (backend == NULL) {
2319 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2324 talloc_free(config_option);
2328 const char *lp_idmap_default_backend(void)
2330 return lp_idmap_backend("*");
2333 /***************************************************************************
2334 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2335 ***************************************************************************/
2337 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2339 const char *suffix_string;
2341 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2342 Globals.ldap_suffix );
2343 if ( !suffix_string ) {
2344 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2348 return suffix_string;
2351 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2353 if (Globals.szLdapMachineSuffix[0])
2354 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2356 return lp_string(ctx, Globals.ldap_suffix);
2359 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2361 if (Globals.szLdapUserSuffix[0])
2362 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2364 return lp_string(ctx, Globals.ldap_suffix);
2367 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2369 if (Globals.szLdapGroupSuffix[0])
2370 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2372 return lp_string(ctx, Globals.ldap_suffix);
2375 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2377 if (Globals.szLdapIdmapSuffix[0])
2378 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2380 return lp_string(ctx, Globals.ldap_suffix);
2384 return the parameter pointer for a parameter
2386 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2388 if (service == NULL) {
2389 if (parm->p_class == P_LOCAL)
2390 return (void *)(((char *)&sDefault)+parm->offset);
2391 else if (parm->p_class == P_GLOBAL)
2392 return (void *)(((char *)&Globals)+parm->offset);
2395 return (void *)(((char *)service) + parm->offset);
2399 /***************************************************************************
2400 Process a parameter for a particular service number. If snum < 0
2401 then assume we are in the globals.
2402 ***************************************************************************/
2404 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2406 TALLOC_CTX *frame = talloc_stackframe();
2407 struct loadparm_context *lp_ctx;
2410 lp_ctx = setup_lp_context(frame);
2411 if (lp_ctx == NULL) {
2417 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2419 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2420 pszParmName, pszParmValue);
2428 /***************************************************************************
2429 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2430 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2431 ***************************************************************************/
2433 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2436 parmnum = lpcfg_map_parameter(pszParmName);
2438 flags_list[parmnum] &= ~FLAG_CMDLINE;
2439 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2442 flags_list[parmnum] |= FLAG_CMDLINE;
2444 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2445 * be grouped in the table, so we don't have to search the
2448 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2449 && parm_table[i].p_class == parm_table[parmnum].p_class;
2451 flags_list[i] |= FLAG_CMDLINE;
2453 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2454 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2455 flags_list[i] |= FLAG_CMDLINE;
2461 /* it might be parametric */
2462 if (strchr(pszParmName, ':') != NULL) {
2463 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2467 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2471 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2474 TALLOC_CTX *frame = talloc_stackframe();
2475 struct loadparm_context *lp_ctx;
2477 lp_ctx = setup_lp_context(frame);
2478 if (lp_ctx == NULL) {
2483 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2489 /***************************************************************************
2490 Process a parameter.
2491 ***************************************************************************/
2493 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2496 if (!bInGlobalSection && bGlobalOnly)
2499 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2501 if (bInGlobalSection) {
2502 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2504 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2505 pszParmName, pszParmValue);
2509 /***************************************************************************
2510 Initialize any local variables in the sDefault table, after parsing a
2512 ***************************************************************************/
2514 static void init_locals(void)
2517 * We run this check once the [globals] is parsed, to force
2518 * the VFS objects and other per-share settings we need for
2519 * the standard way a AD DC is operated. We may change these
2520 * as our code evolves, which is why we force these settings.
2522 * We can't do this at the end of lp_load_ex(), as by that
2523 * point the services have been loaded and they will already
2524 * have "" as their vfs objects.
2526 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2527 const char **vfs_objects = lp_vfs_objects(-1);
2528 if (!vfs_objects || !vfs_objects[0]) {
2529 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2530 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2531 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2532 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2534 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2538 lp_do_parameter(-1, "map hidden", "no");
2539 lp_do_parameter(-1, "map system", "no");
2540 lp_do_parameter(-1, "map readonly", "no");
2541 lp_do_parameter(-1, "map archive", "no");
2542 lp_do_parameter(-1, "store dos attributes", "yes");
2546 /***************************************************************************
2547 Process a new section (service). At this stage all sections are services.
2548 Later we'll have special sections that permit server parameters to be set.
2549 Returns true on success, false on failure.
2550 ***************************************************************************/
2552 bool lp_do_section(const char *pszSectionName, void *userdata)
2554 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2556 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2557 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2560 /* if we were in a global section then do the local inits */
2561 if (bInGlobalSection && !isglobal)
2564 /* if we've just struck a global section, note the fact. */
2565 bInGlobalSection = isglobal;
2566 if (lp_ctx != NULL) {
2567 lp_ctx->bInGlobalSection = isglobal;
2570 /* check for multiple global sections */
2571 if (bInGlobalSection) {
2572 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2576 if (!bInGlobalSection && bGlobalOnly)
2579 /* if we have a current service, tidy it up before moving on */
2582 if (iServiceIndex >= 0)
2583 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2585 /* if all is still well, move to the next record in the services array */
2587 /* We put this here to avoid an odd message order if messages are */
2588 /* issued by the post-processing of a previous section. */
2589 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2591 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2592 if (iServiceIndex < 0) {
2593 DEBUG(0, ("Failed to add a new service\n"));
2596 /* Clean all parametric options for service */
2597 /* They will be added during parsing again */
2598 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2604 /***************************************************************************
2605 Display the contents of a parameter of a single services record.
2606 ***************************************************************************/
2608 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2610 bool result = false;
2611 struct loadparm_context *lp_ctx;
2613 lp_ctx = setup_lp_context(talloc_tos());
2614 if (lp_ctx == NULL) {
2619 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2621 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2623 TALLOC_FREE(lp_ctx);
2628 /***************************************************************************
2629 Display the contents of a single copy structure.
2630 ***************************************************************************/
2631 static void dump_copy_map(bool *pcopymap)
2637 printf("\n\tNon-Copied parameters:\n");
2639 for (i = 0; parm_table[i].label; i++)
2640 if (parm_table[i].p_class == P_LOCAL &&
2641 parm_table[i].ptr && !pcopymap[i] &&
2642 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2644 printf("\t\t%s\n", parm_table[i].label);
2649 /***************************************************************************
2650 Return TRUE if the passed service number is within range.
2651 ***************************************************************************/
2653 bool lp_snum_ok(int iService)
2655 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2658 /***************************************************************************
2659 Auto-load some home services.
2660 ***************************************************************************/
2662 static void lp_add_auto_services(char *str)
2672 s = talloc_strdup(talloc_tos(), str);
2674 smb_panic("talloc_strdup failed");
2678 homes = lp_servicenumber(HOMES_NAME);
2680 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2681 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2684 if (lp_servicenumber(p) >= 0)
2687 home = get_user_home_dir(talloc_tos(), p);
2689 if (home && home[0] && homes >= 0)
2690 lp_add_home(p, homes, p, home);
2697 /***************************************************************************
2698 Auto-load one printer.
2699 ***************************************************************************/
2701 void lp_add_one_printer(const char *name, const char *comment,
2702 const char *location, void *pdata)
2704 int printers = lp_servicenumber(PRINTERS_NAME);
2707 if (lp_servicenumber(name) < 0) {
2708 lp_add_printer(name, printers);
2709 if ((i = lp_servicenumber(name)) >= 0) {
2710 lpcfg_string_set(ServicePtrs[i],
2711 &ServicePtrs[i]->comment, comment);
2712 ServicePtrs[i]->autoloaded = true;
2717 /***************************************************************************
2718 Have we loaded a services file yet?
2719 ***************************************************************************/
2721 bool lp_loaded(void)
2726 /***************************************************************************
2727 Unload unused services.
2728 ***************************************************************************/
2730 void lp_killunused(struct smbd_server_connection *sconn,
2731 bool (*snumused) (struct smbd_server_connection *, int))
2734 for (i = 0; i < iNumServices; i++) {
2738 /* don't kill autoloaded or usershare services */
2739 if ( ServicePtrs[i]->autoloaded ||
2740 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2744 if (!snumused || !snumused(sconn, i)) {
2745 free_service_byindex(i);
2751 * Kill all except autoloaded and usershare services - convenience wrapper
2753 void lp_kill_all_services(void)
2755 lp_killunused(NULL, NULL);
2758 /***************************************************************************
2760 ***************************************************************************/
2762 void lp_killservice(int iServiceIn)
2764 if (VALID(iServiceIn)) {
2765 free_service_byindex(iServiceIn);
2769 /***************************************************************************
2770 Save the curent values of all global and sDefault parameters into the
2771 defaults union. This allows testparm to show only the
2772 changed (ie. non-default) parameters.
2773 ***************************************************************************/
2775 static void lp_save_defaults(void)
2778 struct parmlist_entry * parm;
2779 for (i = 0; parm_table[i].label; i++) {
2780 if (!(flags_list[i] & FLAG_CMDLINE)) {
2781 flags_list[i] |= FLAG_DEFAULT;
2784 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2785 && parm_table[i].p_class == parm_table[i - 1].p_class)
2787 switch (parm_table[i].type) {
2790 parm_table[i].def.lvalue = str_list_copy(
2791 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2797 &parm_table[i].def.svalue,
2798 *(char **)lp_parm_ptr(
2799 NULL, &parm_table[i]));
2800 if (parm_table[i].def.svalue == NULL) {
2801 smb_panic("lpcfg_string_set() failed");
2806 parm_table[i].def.bvalue =
2807 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2810 parm_table[i].def.cvalue =
2811 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2817 parm_table[i].def.ivalue =
2818 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2825 for (parm=Globals.param_opt; parm; parm=parm->next) {
2826 if (!(parm->priority & FLAG_CMDLINE)) {
2827 parm->priority |= FLAG_DEFAULT;
2831 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2832 if (!(parm->priority & FLAG_CMDLINE)) {
2833 parm->priority |= FLAG_DEFAULT;
2837 defaults_saved = true;
2840 /***********************************************************
2841 If we should send plaintext/LANMAN passwords in the clinet
2842 ************************************************************/
2844 static void set_allowed_client_auth(void)
2846 if (Globals.client_ntlmv2_auth) {
2847 Globals.client_lanman_auth = false;
2849 if (!Globals.client_lanman_auth) {
2850 Globals.client_plaintext_auth = false;
2854 /***************************************************************************
2856 The following code allows smbd to read a user defined share file.
2857 Yes, this is my intent. Yes, I'm comfortable with that...
2859 THE FOLLOWING IS SECURITY CRITICAL CODE.
2861 It washes your clothes, it cleans your house, it guards you while you sleep...
2862 Do not f%^k with it....
2863 ***************************************************************************/
2865 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2867 /***************************************************************************
2868 Check allowed stat state of a usershare file.
2869 Ensure we print out who is dicking with us so the admin can
2870 get their sorry ass fired.
2871 ***************************************************************************/
2873 static bool check_usershare_stat(const char *fname,
2874 const SMB_STRUCT_STAT *psbuf)
2876 if (!S_ISREG(psbuf->st_ex_mode)) {
2877 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2878 "not a regular file\n",
2879 fname, (unsigned int)psbuf->st_ex_uid ));
2883 /* Ensure this doesn't have the other write bit set. */
2884 if (psbuf->st_ex_mode & S_IWOTH) {
2885 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2886 "public write. Refusing to allow as a usershare file.\n",
2887 fname, (unsigned int)psbuf->st_ex_uid ));
2891 /* Should be 10k or less. */
2892 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2893 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2894 "too large (%u) to be a user share file.\n",
2895 fname, (unsigned int)psbuf->st_ex_uid,
2896 (unsigned int)psbuf->st_ex_size ));
2903 /***************************************************************************
2904 Parse the contents of a usershare file.
2905 ***************************************************************************/
2907 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2908 SMB_STRUCT_STAT *psbuf,
2909 const char *servicename,
2913 char **pp_sharepath,
2915 char **pp_cp_servicename,
2916 struct security_descriptor **ppsd,
2919 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2920 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2923 SMB_STRUCT_STAT sbuf;
2924 char *sharepath = NULL;
2925 char *comment = NULL;
2927 *pp_sharepath = NULL;
2930 *pallow_guest = false;
2933 return USERSHARE_MALFORMED_FILE;
2936 if (strcmp(lines[0], "#VERSION 1") == 0) {
2938 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2941 return USERSHARE_MALFORMED_FILE;
2944 return USERSHARE_BAD_VERSION;
2947 if (strncmp(lines[1], "path=", 5) != 0) {
2948 return USERSHARE_MALFORMED_PATH;
2951 sharepath = talloc_strdup(ctx, &lines[1][5]);
2953 return USERSHARE_POSIX_ERR;
2955 trim_string(sharepath, " ", " ");
2957 if (strncmp(lines[2], "comment=", 8) != 0) {
2958 return USERSHARE_MALFORMED_COMMENT_DEF;
2961 comment = talloc_strdup(ctx, &lines[2][8]);
2963 return USERSHARE_POSIX_ERR;
2965 trim_string(comment, " ", " ");
2966 trim_char(comment, '"', '"');
2968 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2969 return USERSHARE_MALFORMED_ACL_DEF;
2972 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2973 return USERSHARE_ACL_ERR;
2977 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
2978 return USERSHARE_MALFORMED_ACL_DEF;
2980 if (lines[4][9] == 'y') {
2981 *pallow_guest = true;
2984 /* Backwards compatible extension to file version #2. */
2986 if (strncmp(lines[5], "sharename=", 10) != 0) {
2987 return USERSHARE_MALFORMED_SHARENAME_DEF;
2989 if (!strequal(&lines[5][10], servicename)) {
2990 return USERSHARE_BAD_SHARENAME;
2992 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
2993 if (!*pp_cp_servicename) {
2994 return USERSHARE_POSIX_ERR;
2999 if (*pp_cp_servicename == NULL) {
3000 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3001 if (!*pp_cp_servicename) {
3002 return USERSHARE_POSIX_ERR;
3006 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3007 /* Path didn't change, no checks needed. */
3008 *pp_sharepath = sharepath;
3009 *pp_comment = comment;
3010 return USERSHARE_OK;
3013 /* The path *must* be absolute. */
3014 if (sharepath[0] != '/') {
3015 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3016 servicename, sharepath));
3017 return USERSHARE_PATH_NOT_ABSOLUTE;
3020 /* If there is a usershare prefix deny list ensure one of these paths
3021 doesn't match the start of the user given path. */
3022 if (prefixdenylist) {
3024 for ( i=0; prefixdenylist[i]; i++ ) {
3025 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3026 servicename, i, prefixdenylist[i], sharepath ));
3027 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3028 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3029 "usershare prefix deny list entries.\n",
3030 servicename, sharepath));
3031 return USERSHARE_PATH_IS_DENIED;
3036 /* If there is a usershare prefix allow list ensure one of these paths
3037 does match the start of the user given path. */
3039 if (prefixallowlist) {
3041 for ( i=0; prefixallowlist[i]; i++ ) {
3042 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3043 servicename, i, prefixallowlist[i], sharepath ));
3044 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3048 if (prefixallowlist[i] == NULL) {
3049 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3050 "usershare prefix allow list entries.\n",
3051 servicename, sharepath));
3052 return USERSHARE_PATH_NOT_ALLOWED;
3056 /* Ensure this is pointing to a directory. */
3057 dp = opendir(sharepath);
3060 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3061 servicename, sharepath));
3062 return USERSHARE_PATH_NOT_DIRECTORY;
3065 /* Ensure the owner of the usershare file has permission to share
3068 if (sys_stat(sharepath, &sbuf, false) == -1) {
3069 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3070 servicename, sharepath, strerror(errno) ));
3072 return USERSHARE_POSIX_ERR;
3077 if (!S_ISDIR(sbuf.st_ex_mode)) {
3078 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3079 servicename, sharepath ));
3080 return USERSHARE_PATH_NOT_DIRECTORY;
3083 /* Check if sharing is restricted to owner-only. */
3084 /* psbuf is the stat of the usershare definition file,
3085 sbuf is the stat of the target directory to be shared. */
3087 if (lp_usershare_owner_only()) {
3088 /* root can share anything. */
3089 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3090 return USERSHARE_PATH_NOT_ALLOWED;
3094 *pp_sharepath = sharepath;
3095 *pp_comment = comment;
3096 return USERSHARE_OK;
3099 /***************************************************************************
3100 Deal with a usershare file.
3103 -1 - Bad name, invalid contents.
3104 - service name already existed and not a usershare, problem
3105 with permissions to share directory etc.
3106 ***************************************************************************/
3108 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3110 SMB_STRUCT_STAT sbuf;
3111 SMB_STRUCT_STAT lsbuf;
3113 char *sharepath = NULL;
3114 char *comment = NULL;
3115 char *cp_service_name = NULL;
3116 char **lines = NULL;
3120 TALLOC_CTX *ctx = talloc_stackframe();
3121 struct security_descriptor *psd = NULL;
3122 bool guest_ok = false;
3123 char *canon_name = NULL;
3124 bool added_service = false;
3127 /* Ensure share name doesn't contain invalid characters. */
3128 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3129 DEBUG(0,("process_usershare_file: share name %s contains "
3130 "invalid characters (any of %s)\n",
3131 file_name, INVALID_SHARENAME_CHARS ));
3135 canon_name = canonicalize_servicename(ctx, file_name);
3140 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3145 /* Minimize the race condition by doing an lstat before we
3146 open and fstat. Ensure this isn't a symlink link. */
3148 if (sys_lstat(fname, &lsbuf, false) != 0) {
3149 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3150 fname, strerror(errno) ));
3154 /* This must be a regular file, not a symlink, directory or
3155 other strange filetype. */
3156 if (!check_usershare_stat(fname, &lsbuf)) {
3164 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3169 if (NT_STATUS_IS_OK(status) &&
3170 (data.dptr != NULL) &&
3171 (data.dsize == sizeof(iService))) {
3172 memcpy(&iService, data.dptr, sizeof(iService));
3176 if (iService != -1 &&
3177 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3178 &lsbuf.st_ex_mtime) == 0) {
3179 /* Nothing changed - Mark valid and return. */
3180 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3182 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3187 /* Try and open the file read only - no symlinks allowed. */
3189 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3191 fd = open(fname, O_RDONLY, 0);
3195 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3196 fname, strerror(errno) ));
3200 /* Now fstat to be *SURE* it's a regular file. */
3201 if (sys_fstat(fd, &sbuf, false) != 0) {
3203 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3204 fname, strerror(errno) ));
3208 /* Is it the same dev/inode as was lstated ? */
3209 if (!check_same_stat(&lsbuf, &sbuf)) {
3211 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3212 "Symlink spoofing going on ?\n", fname ));
3216 /* This must be a regular file, not a symlink, directory or
3217 other strange filetype. */
3218 if (!check_usershare_stat(fname, &sbuf)) {
3223 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3226 if (lines == NULL) {
3227 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3228 fname, (unsigned int)sbuf.st_ex_uid ));
3232 if (parse_usershare_file(ctx, &sbuf, file_name,
3233 iService, lines, numlines, &sharepath,
3234 &comment, &cp_service_name,
3235 &psd, &guest_ok) != USERSHARE_OK) {
3239 /* Everything ok - add the service possibly using a template. */
3241 const struct loadparm_service *sp = &sDefault;
3242 if (snum_template != -1) {
3243 sp = ServicePtrs[snum_template];
3246 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3247 DEBUG(0, ("process_usershare_file: Failed to add "
3248 "new service %s\n", cp_service_name));
3252 added_service = true;
3254 /* Read only is controlled by usershare ACL below. */
3255 ServicePtrs[iService]->read_only = false;
3258 /* Write the ACL of the new/modified share. */
3259 if (!set_share_security(canon_name, psd)) {
3260 DEBUG(0, ("process_usershare_file: Failed to set share "
3261 "security for user share %s\n",
3266 /* If from a template it may be marked invalid. */
3267 ServicePtrs[iService]->valid = true;
3269 /* Set the service as a valid usershare. */
3270 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3272 /* Set guest access. */
3273 if (lp_usershare_allow_guests()) {
3274 ServicePtrs[iService]->guest_ok = guest_ok;
3277 /* And note when it was loaded. */
3278 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3279 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3281 lpcfg_string_set(ServicePtrs[iService],
3282 &ServicePtrs[iService]->comment, comment);
3288 if (ret == -1 && iService != -1 && added_service) {
3289 lp_remove_service(iService);
3297 /***************************************************************************
3298 Checks if a usershare entry has been modified since last load.
3299 ***************************************************************************/
3301 static bool usershare_exists(int iService, struct timespec *last_mod)
3303 SMB_STRUCT_STAT lsbuf;
3304 const char *usersharepath = Globals.usershare_path;
3307 fname = talloc_asprintf(talloc_tos(),
3310 ServicePtrs[iService]->szService);
3311 if (fname == NULL) {
3315 if (sys_lstat(fname, &lsbuf, false) != 0) {
3320 if (!S_ISREG(lsbuf.st_ex_mode)) {
3326 *last_mod = lsbuf.st_ex_mtime;
3330 /***************************************************************************
3331 Load a usershare service by name. Returns a valid servicenumber or -1.
3332 ***************************************************************************/
3334 int load_usershare_service(const char *servicename)
3336 SMB_STRUCT_STAT sbuf;
3337 const char *usersharepath = Globals.usershare_path;
3338 int max_user_shares = Globals.usershare_max_shares;
3339 int snum_template = -1;
3341 if (*usersharepath == 0 || max_user_shares == 0) {
3345 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3346 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3347 usersharepath, strerror(errno) ));
3351 if (!S_ISDIR(sbuf.st_ex_mode)) {
3352 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3358 * This directory must be owned by root, and have the 't' bit set.
3359 * It also must not be writable by "other".
3363 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3365 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3367 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3368 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3373 /* Ensure the template share exists if it's set. */
3374 if (Globals.usershare_template_share[0]) {
3375 /* We can't use lp_servicenumber here as we are recommending that
3376 template shares have -valid=false set. */
3377 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3378 if (ServicePtrs[snum_template]->szService &&
3379 strequal(ServicePtrs[snum_template]->szService,
3380 Globals.usershare_template_share)) {
3385 if (snum_template == -1) {
3386 DEBUG(0,("load_usershare_service: usershare template share %s "
3387 "does not exist.\n",
3388 Globals.usershare_template_share ));
3393 return process_usershare_file(usersharepath, servicename, snum_template);
3396 /***************************************************************************
3397 Load all user defined shares from the user share directory.
3398 We only do this if we're enumerating the share list.
3399 This is the function that can delete usershares that have
3401 ***************************************************************************/
3403 int load_usershare_shares(struct smbd_server_connection *sconn,
3404 bool (*snumused) (struct smbd_server_connection *, int))
3407 SMB_STRUCT_STAT sbuf;
3409 int num_usershares = 0;
3410 int max_user_shares = Globals.usershare_max_shares;
3411 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3412 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3413 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3415 int snum_template = -1;
3416 const char *usersharepath = Globals.usershare_path;
3417 int ret = lp_numservices();
3418 TALLOC_CTX *tmp_ctx;
3420 if (max_user_shares == 0 || *usersharepath == '\0') {
3421 return lp_numservices();
3424 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3425 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3426 usersharepath, strerror(errno) ));
3431 * This directory must be owned by root, and have the 't' bit set.
3432 * It also must not be writable by "other".
3436 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3438 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3440 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3441 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3446 /* Ensure the template share exists if it's set. */
3447 if (Globals.usershare_template_share[0]) {
3448 /* We can't use lp_servicenumber here as we are recommending that
3449 template shares have -valid=false set. */
3450 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3451 if (ServicePtrs[snum_template]->szService &&
3452 strequal(ServicePtrs[snum_template]->szService,
3453 Globals.usershare_template_share)) {
3458 if (snum_template == -1) {
3459 DEBUG(0,("load_usershare_shares: usershare template share %s "
3460 "does not exist.\n",
3461 Globals.usershare_template_share ));
3466 /* Mark all existing usershares as pending delete. */
3467 for (iService = iNumServices - 1; iService >= 0; iService--) {
3468 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3469 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3473 dp = opendir(usersharepath);
3475 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3476 usersharepath, strerror(errno) ));
3480 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3482 num_dir_entries++ ) {
3484 const char *n = de->d_name;
3486 /* Ignore . and .. */
3488 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3494 /* Temporary file used when creating a share. */
3495 num_tmp_dir_entries++;
3498 /* Allow 20% tmp entries. */
3499 if (num_tmp_dir_entries > allowed_tmp_entries) {
3500 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3501 "in directory %s\n",
3502 num_tmp_dir_entries, usersharepath));
3506 r = process_usershare_file(usersharepath, n, snum_template);
3508 /* Update the services count. */
3510 if (num_usershares >= max_user_shares) {
3511 DEBUG(0,("load_usershare_shares: max user shares reached "
3512 "on file %s in directory %s\n",
3513 n, usersharepath ));
3516 } else if (r == -1) {
3517 num_bad_dir_entries++;
3520 /* Allow 20% bad entries. */
3521 if (num_bad_dir_entries > allowed_bad_entries) {
3522 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3523 "in directory %s\n",
3524 num_bad_dir_entries, usersharepath));
3528 /* Allow 20% bad entries. */
3529 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3530 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3531 "in directory %s\n",
3532 num_dir_entries, usersharepath));
3539 /* Sweep through and delete any non-refreshed usershares that are
3540 not currently in use. */
3541 tmp_ctx = talloc_stackframe();
3542 for (iService = iNumServices - 1; iService >= 0; iService--) {
3543 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3546 if (snumused && snumused(sconn, iService)) {
3550 servname = lp_servicename(tmp_ctx, iService);
3552 /* Remove from the share ACL db. */
3553 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3555 delete_share_security(servname);
3556 free_service_byindex(iService);
3559 talloc_free(tmp_ctx);
3561 return lp_numservices();
3564 /********************************************************
3565 Destroy global resources allocated in this file
3566 ********************************************************/
3568 void gfree_loadparm(void)
3574 /* Free resources allocated to services */
3576 for ( i = 0; i < iNumServices; i++ ) {
3578 free_service_byindex(i);
3582 TALLOC_FREE( ServicePtrs );
3585 /* Now release all resources allocated to global
3586 parameters and the default service */
3588 free_global_parameters();
3592 /***************************************************************************
3593 Allow client apps to specify that they are a client
3594 ***************************************************************************/
3595 static void lp_set_in_client(bool b)
3601 /***************************************************************************
3602 Determine if we're running in a client app
3603 ***************************************************************************/
3604 static bool lp_is_in_client(void)
3609 /***************************************************************************
3610 Load the services array from the services file. Return true on success,
3612 ***************************************************************************/
3614 static bool lp_load_ex(const char *pszFname,
3618 bool initialize_globals,
3619 bool allow_include_registry,
3620 bool load_all_shares)
3624 TALLOC_CTX *frame = talloc_stackframe();
3625 struct loadparm_context *lp_ctx;
3629 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3631 bInGlobalSection = true;
3632 bGlobalOnly = global_only;
3633 bAllowIncludeRegistry = allow_include_registry;
3635 lp_ctx = setup_lp_context(talloc_tos());
3637 init_globals(lp_ctx, initialize_globals);
3641 if (save_defaults) {
3646 if (!initialize_globals) {
3647 free_param_opts(&Globals.param_opt);
3648 apply_lp_set_cmdline();
3651 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3653 /* We get sections first, so have to start 'behind' to make up */
3656 if (lp_config_backend_is_file()) {
3657 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3658 current_user_info.domain,
3661 smb_panic("lp_load_ex: out of memory");
3664 add_to_file_list(NULL, &file_lists, pszFname, n2);
3666 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3669 /* finish up the last section */
3670 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3672 if (iServiceIndex >= 0) {
3673 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3677 if (lp_config_backend_is_registry()) {
3679 /* config backend changed to registry in config file */
3681 * We need to use this extra global variable here to
3682 * survive restart: init_globals uses this as a default
3683 * for config_backend. Otherwise, init_globals would
3684 * send us into an endless loop here.
3687 config_backend = CONFIG_BACKEND_REGISTRY;
3689 DEBUG(1, ("lp_load_ex: changing to config backend "
3691 init_globals(lp_ctx, true);
3693 TALLOC_FREE(lp_ctx);
3695 lp_kill_all_services();
3696 ok = lp_load_ex(pszFname, global_only, save_defaults,
3697 add_ipc, initialize_globals,
3698 allow_include_registry,
3703 } else if (lp_config_backend_is_registry()) {
3704 bRetval = process_registry_globals();
3706 DEBUG(0, ("Illegal config backend given: %d\n",
3707 lp_config_backend()));
3711 if (bRetval && lp_registry_shares()) {
3712 if (load_all_shares) {
3713 bRetval = process_registry_shares();
3715 bRetval = reload_registry_shares();
3720 char *serv = lp_auto_services(talloc_tos());
3721 lp_add_auto_services(serv);
3726 /* When 'restrict anonymous = 2' guest connections to ipc$
3728 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3729 if ( lp_enable_asu_support() ) {
3730 lp_add_ipc("ADMIN$", false);
3734 set_allowed_client_auth();
3736 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3737 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3738 lp_password_server()));
3743 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3744 /* if we_are_a_wins_server is true and we are in the client */
3745 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3746 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3751 fault_configure(smb_panic_s3);
3754 * We run this check once the whole smb.conf is parsed, to
3755 * force some settings for the standard way a AD DC is
3756 * operated. We may changed these as our code evolves, which
3757 * is why we force these settings.
3759 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3760 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
3762 lp_do_parameter(-1, "winbindd:use external pipes", "true");
3764 lp_do_parameter(-1, "rpc_server:default", "external");
3765 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
3766 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
3767 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
3768 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
3769 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
3770 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
3771 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
3772 lp_do_parameter(-1, "rpc_server:tcpip", "no");
3775 bAllowIncludeRegistry = true;
3781 bool lp_load(const char *pszFname,
3785 bool initialize_globals)
3787 return lp_load_ex(pszFname,
3792 true, /* allow_include_registry */
3793 false); /* load_all_shares*/
3796 bool lp_load_initial_only(const char *pszFname)
3798 return lp_load_ex(pszFname,
3799 true, /* global only */
3800 false, /* save_defaults */
3801 false, /* add_ipc */
3802 true, /* initialize_globals */
3803 false, /* allow_include_registry */
3804 false); /* load_all_shares*/
3808 * most common lp_load wrapper, loading only the globals
3810 bool lp_load_global(const char *file_name)
3812 return lp_load_ex(file_name,
3813 true, /* global_only */
3814 false, /* save_defaults */
3815 false, /* add_ipc */
3816 true, /* initialize_globals */
3817 true, /* allow_include_registry */
3818 false); /* load_all_shares*/
3822 * lp_load wrapper, especially for clients
3824 bool lp_load_client(const char *file_name)
3826 lp_set_in_client(true);
3828 return lp_load_global(file_name);
3832 * lp_load wrapper, loading only globals, but intended
3833 * for subsequent calls, not reinitializing the globals
3836 bool lp_load_global_no_reinit(const char *file_name)
3838 return lp_load_ex(file_name,
3839 true, /* global_only */
3840 false, /* save_defaults */
3841 false, /* add_ipc */
3842 false, /* initialize_globals */
3843 true, /* allow_include_registry */
3844 false); /* load_all_shares*/
3848 * lp_load wrapper, especially for clients, no reinitialization
3850 bool lp_load_client_no_reinit(const char *file_name)
3852 lp_set_in_client(true);
3854 return lp_load_global_no_reinit(file_name);
3857 bool lp_load_with_registry_shares(const char *pszFname,
3861 bool initialize_globals)
3863 return lp_load_ex(pszFname,
3868 true, /* allow_include_registry */
3869 true); /* load_all_shares*/
3872 /***************************************************************************
3873 Return the max number of services.
3874 ***************************************************************************/
3876 int lp_numservices(void)
3878 return (iNumServices);
3881 /***************************************************************************
3882 Display the contents of the services array in human-readable form.
3883 ***************************************************************************/
3885 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3888 struct loadparm_context *lp_ctx;
3891 defaults_saved = false;
3893 lp_ctx = setup_lp_context(talloc_tos());
3894 if (lp_ctx == NULL) {
3898 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3900 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3902 for (iService = 0; iService < maxtoprint; iService++) {
3904 lp_dump_one(f, show_defaults, iService);
3908 /***************************************************************************
3909 Display the contents of one service in human-readable form.
3910 ***************************************************************************/
3912 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3915 if (ServicePtrs[snum]->szService[0] == '\0')
3917 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3918 flags_list, show_defaults);
3922 /***************************************************************************
3923 Return the number of the service with the given name, or -1 if it doesn't
3924 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3925 getservicebyname()! This works ONLY if all services have been loaded, and
3926 does not copy the found service.
3927 ***************************************************************************/
3929 int lp_servicenumber(const char *pszServiceName)
3932 fstring serviceName;
3934 if (!pszServiceName) {
3935 return GLOBAL_SECTION_SNUM;
3938 for (iService = iNumServices - 1; iService >= 0; iService--) {
3939 if (VALID(iService) && ServicePtrs[iService]->szService) {
3941 * The substitution here is used to support %U is
3944 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3945 standard_sub_basic(get_current_username(),
3946 current_user_info.domain,
3947 serviceName,sizeof(serviceName));
3948 if (strequal(serviceName, pszServiceName)) {
3954 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3955 struct timespec last_mod;
3957 if (!usershare_exists(iService, &last_mod)) {
3958 /* Remove the share security tdb entry for it. */
3959 delete_share_security(lp_servicename(talloc_tos(), iService));
3960 /* Remove it from the array. */
3961 free_service_byindex(iService);
3962 /* Doesn't exist anymore. */
3963 return GLOBAL_SECTION_SNUM;
3966 /* Has it been modified ? If so delete and reload. */
3967 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3969 /* Remove it from the array. */
3970 free_service_byindex(iService);
3971 /* and now reload it. */
3972 iService = load_usershare_service(pszServiceName);
3977 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
3978 return GLOBAL_SECTION_SNUM;
3984 /*******************************************************************
3985 A useful volume label function.
3986 ********************************************************************/
3988 const char *volume_label(TALLOC_CTX *ctx, int snum)
3991 const char *label = lp_volume(ctx, snum);
3993 label = lp_servicename(ctx, snum);
3996 /* This returns a 33 byte guarenteed null terminated string. */
3997 ret = talloc_strndup(ctx, label, 32);
4004 /*******************************************************************
4005 Get the default server type we will announce as via nmbd.
4006 ********************************************************************/
4008 int lp_default_server_announce(void)
4010 int default_server_announce = 0;
4011 default_server_announce |= SV_TYPE_WORKSTATION;
4012 default_server_announce |= SV_TYPE_SERVER;
4013 default_server_announce |= SV_TYPE_SERVER_UNIX;
4015 /* note that the flag should be set only if we have a
4016 printer service but nmbd doesn't actually load the
4017 services so we can't tell --jerry */
4019 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4021 default_server_announce |= SV_TYPE_SERVER_NT;
4022 default_server_announce |= SV_TYPE_NT;
4024 switch (lp_server_role()) {
4025 case ROLE_DOMAIN_MEMBER:
4026 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4028 case ROLE_DOMAIN_PDC:
4029 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4031 case ROLE_DOMAIN_BDC:
4032 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4034 case ROLE_STANDALONE:
4038 if (lp_time_server())
4039 default_server_announce |= SV_TYPE_TIME_SOURCE;
4041 if (lp_host_msdfs())
4042 default_server_announce |= SV_TYPE_DFS_SERVER;
4044 return default_server_announce;
4047 /***********************************************************
4048 If we are PDC then prefer us as DMB
4049 ************************************************************/
4051 bool lp_domain_master(void)
4053 if (Globals._domain_master == Auto)
4054 return (lp_server_role() == ROLE_DOMAIN_PDC);
4056 return (bool)Globals._domain_master;
4059 /***********************************************************
4060 If we are PDC then prefer us as DMB
4061 ************************************************************/
4063 static bool lp_domain_master_true_or_auto(void)
4065 if (Globals._domain_master) /* auto or yes */
4071 /***********************************************************
4072 If we are DMB then prefer us as LMB
4073 ************************************************************/
4075 bool lp_preferred_master(void)
4077 if (Globals.iPreferredMaster == Auto)
4078 return (lp_local_master() && lp_domain_master());
4080 return (bool)Globals.iPreferredMaster;
4083 /*******************************************************************
4085 ********************************************************************/
4087 void lp_remove_service(int snum)
4089 ServicePtrs[snum]->valid = false;
4092 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4094 const char *ret = lp__printername(ctx, snum);
4095 if (ret == NULL || *ret == '\0') {
4096 ret = lp_const_servicename(snum);
4103 /***********************************************************
4104 Allow daemons such as winbindd to fix their logfile name.
4105 ************************************************************/
4107 void lp_set_logfile(const char *name)
4109 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4110 debug_set_logfile(name);
4113 /*******************************************************************
4114 Return the max print jobs per queue.
4115 ********************************************************************/
4117 int lp_maxprintjobs(int snum)
4119 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4120 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4121 maxjobs = PRINT_MAX_JOBID - 1;
4126 const char *lp_printcapname(void)
4128 if ((Globals.szPrintcapname != NULL) &&
4129 (Globals.szPrintcapname[0] != '\0'))
4130 return Globals.szPrintcapname;
4132 if (sDefault.printing == PRINT_CUPS) {
4136 if (sDefault.printing == PRINT_BSD)
4137 return "/etc/printcap";
4139 return PRINTCAP_NAME;
4142 static uint32 spoolss_state;
4144 bool lp_disable_spoolss( void )
4146 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4147 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4149 return spoolss_state == SVCCTL_STOPPED ? true : false;
4152 void lp_set_spoolss_state( uint32 state )
4154 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4156 spoolss_state = state;
4159 uint32 lp_get_spoolss_state( void )
4161 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4164 /*******************************************************************
4165 Ensure we don't use sendfile if server smb signing is active.
4166 ********************************************************************/
4168 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4170 bool sign_active = false;
4172 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4173 if (get_Protocol() < PROTOCOL_NT1) {
4176 if (signing_state) {
4177 sign_active = smb_signing_is_active(signing_state);
4179 return (lp__use_sendfile(snum) &&
4180 (get_remote_arch() != RA_WIN95) &&
4184 /*******************************************************************
4185 Turn off sendfile if we find the underlying OS doesn't support it.
4186 ********************************************************************/
4188 void set_use_sendfile(int snum, bool val)
4190 if (LP_SNUM_OK(snum))
4191 ServicePtrs[snum]->_use_sendfile = val;
4193 sDefault._use_sendfile = val;
4196 /*******************************************************************
4197 Turn off storing DOS attributes if this share doesn't support it.
4198 ********************************************************************/
4200 void set_store_dos_attributes(int snum, bool val)
4202 if (!LP_SNUM_OK(snum))
4204 ServicePtrs[(snum)]->store_dos_attributes = val;
4207 void lp_set_mangling_method(const char *new_method)
4209 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4212 /*******************************************************************
4213 Global state for POSIX pathname processing.
4214 ********************************************************************/
4216 static bool posix_pathnames;
4218 bool lp_posix_pathnames(void)
4220 return posix_pathnames;
4223 /*******************************************************************
4224 Change everything needed to ensure POSIX pathname processing (currently
4226 ********************************************************************/
4228 void lp_set_posix_pathnames(void)
4230 posix_pathnames = true;
4233 /*******************************************************************
4234 Global state for POSIX lock processing - CIFS unix extensions.
4235 ********************************************************************/
4237 bool posix_default_lock_was_set;
4238 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4240 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4242 if (posix_default_lock_was_set) {
4243 return posix_cifsx_locktype;
4245 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4246 POSIX_LOCK : WINDOWS_LOCK;
4250 /*******************************************************************
4251 ********************************************************************/
4253 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4255 posix_default_lock_was_set = true;
4256 posix_cifsx_locktype = val;
4259 int lp_min_receive_file_size(void)
4261 if (Globals.iminreceivefile < 0) {
4264 return Globals.iminreceivefile;
4267 /*******************************************************************
4268 Safe wide links checks.
4269 This helper function always verify the validity of wide links,
4270 even after a configuration file reload.
4271 ********************************************************************/
4273 static bool lp_widelinks_internal(int snum)
4275 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4276 sDefault.bWidelinks);
4279 void widelinks_warning(int snum)
4281 if (lp_allow_insecure_wide_links()) {
4285 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4286 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4287 "These parameters are incompatible. "
4288 "Wide links will be disabled for this share.\n",
4289 lp_servicename(talloc_tos(), snum) ));
4293 bool lp_widelinks(int snum)
4295 /* wide links is always incompatible with unix extensions */
4296 if (lp_unix_extensions()) {
4298 * Unless we have "allow insecure widelinks"
4301 if (!lp_allow_insecure_wide_links()) {
4306 return lp_widelinks_internal(snum);
4309 int lp_server_role(void)
4311 return lp_find_server_role(lp__server_role(),
4313 lp__domain_logons(),
4314 lp_domain_master_true_or_auto());
4317 int lp_security(void)
4319 return lp_find_security(lp__server_role(),
4323 int lp_client_max_protocol(void)
4325 int client_max_protocol = lp__client_max_protocol();
4326 if (client_max_protocol == PROTOCOL_DEFAULT) {
4327 return PROTOCOL_NT1;
4329 return client_max_protocol;
4332 int lp_winbindd_max_protocol(void)
4334 int client_max_protocol = lp__client_max_protocol();
4335 if (client_max_protocol == PROTOCOL_DEFAULT) {
4336 return PROTOCOL_LATEST;
4338 return client_max_protocol;
4341 struct loadparm_global * get_globals(void)
4346 unsigned int * get_flags(void)
4348 if (flags_list == NULL) {
4349 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());