char *szRemoteAnnounce;
char *szRemoteBrowseSync;
char *szSocketAddress;
+ bool bNmbdBindExplicitBroadcast;
char *szNISHomeMapName;
char *szAnnounceVersion; /* This is initialised in init_globals */
char *szWorkgroup;
int oplock_break_wait_time;
int winbind_cache_time;
int winbind_reconnect_delay;
- int winbind_max_idle_children;
+ int winbind_max_clients;
char **szWinbindNssInfo;
int iLockSpinTime;
char *szLdapMachineSuffix;
char *szLdapGroupSuffix;
int ldap_ssl;
bool ldap_ssl_ads;
+ int ldap_deref;
int ldap_follow_referral;
char *szLdapSuffix;
char *szLdapAdminDn;
bool bClientNTLMv2Auth;
bool bClientPlaintextAuth;
bool bClientUseSpnego;
+ bool client_use_spnego_principal;
bool bDebugPrefixTimestamp;
bool bDebugHiresTimestamp;
bool bDebugPid;
int cups_connection_timeout;
char *szSMBPerfcountModule;
bool bMapUntrustedToDomain;
- bool bFakeDirCreateTimes;
};
static struct global Globals;
bool bDosFilemode;
bool bDosFiletimes;
bool bDosFiletimeResolution;
+ bool bFakeDirCreateTimes;
bool bBlockingLocks;
bool bInheritPerms;
bool bInheritACLS;
True, /* bLevel2OpLocks */
False, /* bOnlyUser */
True, /* bMangledNames */
- True, /* bWidelinks */
+ false, /* bWidelinks */
True, /* bSymlinks */
False, /* bSyncAlways */
False, /* bStrictAllocate */
False, /* bDosFilemode */
True, /* bDosFiletimes */
False, /* bDosFiletimeResolution */
+ False, /* bFakeDirCreateTimes */
True, /* bBlockingLocks */
False, /* bInheritPerms */
False, /* bInheritACLS */
{-1, NULL}
};
+/* LDAP Dereferencing Alias types */
+#define SAMBA_LDAP_DEREF_NEVER 0
+#define SAMBA_LDAP_DEREF_SEARCHING 1
+#define SAMBA_LDAP_DEREF_FINDING 2
+#define SAMBA_LDAP_DEREF_ALWAYS 3
+
+static const struct enum_list enum_ldap_deref[] = {
+ {SAMBA_LDAP_DEREF_NEVER, "never"},
+ {SAMBA_LDAP_DEREF_SEARCHING, "searching"},
+ {SAMBA_LDAP_DEREF_FINDING, "finding"},
+ {SAMBA_LDAP_DEREF_ALWAYS, "always"},
+ {-1, "auto"}
+};
+
static const struct enum_list enum_ldap_passwd_sync[] = {
{LDAP_PASSWD_SYNC_OFF, "no"},
{LDAP_PASSWD_SYNC_OFF, "off"},
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "client use spnego principal",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.client_use_spnego_principal,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "username",
.type = P_STRING,
.ptr = &sDefault.iWriteCacheSize,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_DEPRECATED,
+ .flags = FLAG_ADVANCED | FLAG_SHARE,
},
{
.label = "name cache timeout",
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "ldap deref",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ldap_deref,
+ .special = NULL,
+ .enum_list = enum_ldap_deref,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "ldap follow referral",
.type = P_ENUM,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "nmbd bind explicit broadcast",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.bNmbdBindExplicitBroadcast,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "homedir map",
.type = P_STRING,
{
.label = "fake directory create times",
.type = P_BOOL,
- .p_class = P_GLOBAL,
- .ptr = &Globals.bFakeDirCreateTimes,
+ .p_class = P_LOCAL,
+ .ptr = &sDefault.bFakeDirCreateTimes,
.special = NULL,
.enum_list = NULL,
.flags = FLAG_ADVANCED | FLAG_GLOBAL,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "winbind max clients",
+ .type = P_INTEGER,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.winbind_max_clients,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "winbind enum users",
.type = P_BOOL,
#endif
#endif
+ if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
+ DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
+ "minimum Windows limit (%d)\n",
+ sysctl_max,
+ MIN_OPEN_FILES_WINDOWS));
+ sysctl_max = MIN_OPEN_FILES_WINDOWS;
+ }
+
+ if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
+ DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
+ "minimum Windows limit (%d)\n",
+ rlimit_max,
+ MIN_OPEN_FILES_WINDOWS));
+ rlimit_max = MIN_OPEN_FILES_WINDOWS;
+ }
+
return MIN(sysctl_max, rlimit_max);
}
string_set(&Globals.szCacheDir, get_dyn_CACHEDIR());
string_set(&Globals.szPidDir, get_dyn_PIDDIR());
string_set(&Globals.szSocketAddress, "0.0.0.0");
+ /*
+ * By default support explicit binding to broadcast
+ * addresses.
+ */
+ Globals.bNmbdBindExplicitBroadcast = true;
if (asprintf(&s, "Samba %s", samba_version_string()) < 0) {
smb_panic("init_globals: ENOMEM");
string_set(&Globals.szLdapAdminDn, "");
Globals.ldap_ssl = LDAP_SSL_START_TLS;
Globals.ldap_ssl_ads = False;
+ Globals.ldap_deref = -1;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
Globals.winbind_cache_time = 300; /* 5 minutes */
Globals.winbind_reconnect_delay = 30; /* 30 seconds */
+ Globals.winbind_max_clients = 200;
Globals.bWinbindEnumUsers = False;
Globals.bWinbindEnumGroups = False;
Globals.bWinbindUseDefaultDomain = False;
char fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
FN_GLOBAL_STRING(lp_smb_ports, &Globals.smb_ports)
-FN_GLOBAL_STRING(lp_dos_charset, &Globals.dos_charset)
-FN_GLOBAL_STRING(lp_unix_charset, &Globals.unix_charset)
-FN_GLOBAL_STRING(lp_display_charset, &Globals.display_charset)
+FN_GLOBAL_CONST_STRING(lp_dos_charset, &Globals.dos_charset)
+FN_GLOBAL_CONST_STRING(lp_unix_charset, &Globals.unix_charset)
+FN_GLOBAL_CONST_STRING(lp_display_charset, &Globals.display_charset)
FN_GLOBAL_STRING(lp_logfile, &Globals.szLogFile)
FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile)
FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
FN_GLOBAL_CONST_STRING(lp_logon_home, &Globals.szLogonHome)
FN_GLOBAL_STRING(lp_remote_announce, &Globals.szRemoteAnnounce)
FN_GLOBAL_STRING(lp_remote_browse_sync, &Globals.szRemoteBrowseSync)
+FN_GLOBAL_BOOL(lp_nmbd_bind_explicit_broadcast, &Globals.bNmbdBindExplicitBroadcast)
FN_GLOBAL_LIST(lp_wins_server_list, &Globals.szWINSservers)
FN_GLOBAL_LIST(lp_interfaces, &Globals.szInterfaces)
FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName)
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
+FN_GLOBAL_INTEGER(lp_ldap_deref, &Globals.ldap_deref)
FN_GLOBAL_INTEGER(lp_ldap_follow_referral, &Globals.ldap_follow_referral)
FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
FN_GLOBAL_BOOL(lp_unix_extensions, &Globals.bUnixExtensions)
FN_GLOBAL_BOOL(lp_use_spnego, &Globals.bUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego, &Globals.bClientUseSpnego)
+FN_GLOBAL_BOOL(lp_client_use_spnego_principal, &Globals.client_use_spnego_principal)
FN_GLOBAL_BOOL(lp_hostname_lookups, &Globals.bHostnameLookups)
FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)
FN_GLOBAL_STRING(lp_cups_server, &Globals.szCupsServer)
int lp_cups_encrypt(void)
{
+ int result = 0;
#ifdef HAVE_HTTPCONNECTENCRYPT
switch (Globals.CupsEncrypt) {
case Auto:
- Globals.CupsEncrypt = HTTP_ENCRYPT_REQUIRED;
+ result = HTTP_ENCRYPT_REQUIRED;
break;
case True:
- Globals.CupsEncrypt = HTTP_ENCRYPT_ALWAYS;
+ result = HTTP_ENCRYPT_ALWAYS;
break;
case False:
- Globals.CupsEncrypt = HTTP_ENCRYPT_NEVER;
+ result = HTTP_ENCRYPT_NEVER;
break;
}
#endif
- return Globals.CupsEncrypt;
+ return result;
}
FN_GLOBAL_STRING(lp_iprint_server, &Globals.szIPrintServer)
FN_GLOBAL_INTEGER(lp_cups_connection_timeout, &Globals.cups_connection_timeout)
FN_LOCAL_BOOL(lp_level2_oplocks, bLevel2OpLocks)
FN_LOCAL_BOOL(lp_onlyuser, bOnlyUser)
FN_LOCAL_PARM_BOOL(lp_manglednames, bMangledNames)
-FN_LOCAL_BOOL(lp_widelinks, bWidelinks)
FN_LOCAL_BOOL(lp_symlinks, bSymlinks)
FN_LOCAL_BOOL(lp_syncalways, bSyncAlways)
FN_LOCAL_BOOL(lp_strict_allocate, bStrictAllocate)
FN_LOCAL_BOOL(lp_dos_filemode, bDosFilemode)
FN_LOCAL_BOOL(lp_dos_filetimes, bDosFiletimes)
FN_LOCAL_BOOL(lp_dos_filetime_resolution, bDosFiletimeResolution)
-FN_GLOBAL_BOOL(lp_fake_dir_create_times, &Globals.bFakeDirCreateTimes)
+FN_LOCAL_BOOL(lp_fake_dir_create_times, bFakeDirCreateTimes)
FN_LOCAL_BOOL(lp_blocking_locks, bBlockingLocks)
FN_LOCAL_BOOL(lp_inherit_perms, bInheritPerms)
FN_LOCAL_BOOL(lp_inherit_acls, bInheritACLS)
FN_LOCAL_CHAR(lp_magicchar, magic_char)
FN_GLOBAL_INTEGER(lp_winbind_cache_time, &Globals.winbind_cache_time)
FN_GLOBAL_INTEGER(lp_winbind_reconnect_delay, &Globals.winbind_reconnect_delay)
+FN_GLOBAL_INTEGER(lp_winbind_max_clients, &Globals.winbind_max_clients)
FN_GLOBAL_LIST(lp_winbind_nss_info, &Globals.szWinbindNssInfo)
FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase)
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
return ret;
}
+/**
+ * reload those shares from registry that are already
+ * activated in the services array.
+ */
+static bool reload_registry_shares(void)
+{
+ int i;
+ bool ret = true;
+
+ for (i = 0; i < iNumServices; i++) {
+ if (!VALID(i)) {
+ continue;
+ }
+
+ if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
+ continue;
+ }
+
+ ret = process_registry_service(ServicePtrs[i]->szService);
+ if (!ret) {
+ goto done;
+ }
+ }
+
+done:
+ return ret;
+}
+
+
#define MAX_INCLUDE_DEPTH 100
static uint8_t include_depth;
return lp_numservices();
}
- if (sys_stat(usersharepath, &sbuf, lp_fake_dir_create_times())
- != 0) {
+ if (sys_stat(usersharepath, &sbuf, false) != 0) {
DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
usersharepath, strerror(errno) ));
return ret;
bRetval = false;
}
- if (bRetval && lp_registry_shares() && allow_registry_shares) {
- bRetval = process_registry_shares();
+ if (bRetval && lp_registry_shares()) {
+ if (allow_registry_shares) {
+ bRetval = process_registry_shares();
+ } else {
+ bRetval = reload_registry_shares();
+ }
}
- lp_add_auto_services(lp_auto_services());
+ {
+ char *serv = lp_auto_services();
+ lp_add_auto_services(serv);
+ TALLOC_FREE(serv);
+ }
if (add_ipc) {
/* When 'restrict anonymous = 2' guest connections to ipc$
const char *sharename)
{
struct share_params *result;
- char *sname;
+ fstring sname;
int snum;
- if (!(sname = SMB_STRDUP(sharename))) {
- return NULL;
- }
-
- snum = find_service(sname);
- SAFE_FREE(sname);
+ snum = find_service(sharename, sname);
if (snum < 0) {
return NULL;
{
string_set(&Globals.szPassdbBackend, backend);
}
+
+/*******************************************************************
+ Safe wide links checks.
+ This helper function always verify the validity of wide links,
+ even after a configuration file reload.
+********************************************************************/
+
+static bool lp_widelinks_internal(int snum)
+{
+ return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
+ sDefault.bWidelinks);
+}
+
+void widelinks_warning(int snum)
+{
+ if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
+ DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
+ "These parameters are incompatible. "
+ "Wide links will be disabled for this share.\n",
+ lp_servicename(snum) ));
+ }
+}
+
+bool lp_widelinks(int snum)
+{
+ /* wide links is always incompatible with unix extensions */
+ if (lp_unix_extensions()) {
+ return false;
+ }
+
+ return lp_widelinks_internal(snum);
+}