2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_sync = false,
210 .mangling_char = '~',
212 .delete_readonly = false,
213 .fake_oplocks = false,
214 .delete_veto_files = false,
215 .dos_filemode = false,
216 .dos_filetimes = true,
217 .dos_filetime_resolution = false,
218 .fake_directory_create_times = false,
219 .blocking_locks = true,
220 .inherit_permissions = false,
221 .inherit_acls = false,
222 .inherit_owner = false,
224 .use_client_driver = false,
225 .default_devmode = true,
226 .force_printername = false,
227 .nt_acl_support = true,
228 .force_unknown_acl_user = false,
229 ._use_sendfile = false,
230 .profile_acls = false,
231 .map_acl_inherit = false,
234 .acl_check_permissions = true,
235 .acl_map_full_control = true,
236 .acl_group_control = false,
237 .acl_allow_execute_always = false,
238 .change_notify = true,
239 .kernel_change_notify = true,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
261 static void set_allowed_client_auth(void);
263 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
264 static void free_param_opts(struct parmlist_entry **popts);
266 /* this is used to prevent lots of mallocs of size 1 */
267 static const char null_string[] = "";
273 static void string_free(char **s)
277 if (*s == null_string)
283 Set a string value, deallocating any existing space, and allocing the space
287 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
295 (*dest) = talloc_strdup(mem_ctx, src);
296 if ((*dest) == NULL) {
297 DEBUG(0,("Out of memory in string_init\n"));
304 bool lp_string_set(char **dest, const char *src) {
305 return string_set(Globals.ctx, dest, src);
308 /***************************************************************************
309 Initialise the sDefault parameter structure for the printer values.
310 ***************************************************************************/
312 void init_printer_values(TALLOC_CTX *ctx, struct loadparm_service *pService)
314 /* choose defaults depending on the type of printing */
315 switch (pService->printing) {
320 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
321 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
322 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
327 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
328 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
329 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
330 lpcfg_string_set(ctx, &pService->queuepause_command, "lpc stop '%p'");
331 lpcfg_string_set(ctx, &pService->queueresume_command, "lpc start '%p'");
332 lpcfg_string_set(ctx, &pService->lppause_command, "lpc hold '%p' %j");
333 lpcfg_string_set(ctx, &pService->lpresume_command, "lpc release '%p' %j");
338 /* set the lpq command to contain the destination printer
339 name only. This is used by cups_queue_get() */
340 lpcfg_string_set(ctx, &pService->lpq_command, "%p");
341 lpcfg_string_set(ctx, &pService->lprm_command, "");
342 lpcfg_string_set(ctx, &pService->print_command, "");
343 lpcfg_string_set(ctx, &pService->lppause_command, "");
344 lpcfg_string_set(ctx, &pService->lpresume_command, "");
345 lpcfg_string_set(ctx, &pService->queuepause_command, "");
346 lpcfg_string_set(ctx, &pService->queueresume_command, "");
351 lpcfg_string_set(ctx, &pService->lpq_command, "lpstat -o%p");
352 lpcfg_string_set(ctx, &pService->lprm_command, "cancel %p-%j");
353 lpcfg_string_set(ctx, &pService->print_command, "lp -c -d%p %s; rm %s");
354 lpcfg_string_set(ctx, &pService->queuepause_command, "disable %p");
355 lpcfg_string_set(ctx, &pService->queueresume_command, "enable %p");
357 lpcfg_string_set(ctx, &pService->lppause_command, "lp -i %p-%j -H hold");
358 lpcfg_string_set(ctx, &pService->lpresume_command, "lp -i %p-%j -H resume");
363 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P%p");
364 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P%p %j");
365 lpcfg_string_set(ctx, &pService->print_command, "lp -r -P%p %s");
368 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
373 TALLOC_CTX *tmp_ctx = talloc_new(ctx);
376 tdbfile = talloc_asprintf(
377 tmp_ctx, "tdbfile=%s",
378 lp_parm_const_string(-1, "vlp", "tdbfile",
380 if (tdbfile == NULL) {
381 tdbfile="tdbfile=/tmp/vlp.tdb";
384 tmp = talloc_asprintf(tmp_ctx, "vlp %s print %%p %%s",
386 lpcfg_string_set(ctx, &pService->print_command,
387 tmp ? tmp : "vlp print %p %s");
389 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpq %%p",
391 lpcfg_string_set(ctx, &pService->lpq_command,
392 tmp ? tmp : "vlp lpq %p");
394 tmp = talloc_asprintf(tmp_ctx, "vlp %s lprm %%p %%j",
396 lpcfg_string_set(ctx, &pService->lprm_command,
397 tmp ? tmp : "vlp lprm %p %j");
399 tmp = talloc_asprintf(tmp_ctx, "vlp %s lppause %%p %%j",
401 lpcfg_string_set(ctx, &pService->lppause_command,
402 tmp ? tmp : "vlp lppause %p %j");
404 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpresume %%p %%j",
406 lpcfg_string_set(ctx, &pService->lpresume_command,
407 tmp ? tmp : "vlp lpresume %p %j");
409 tmp = talloc_asprintf(tmp_ctx, "vlp %s queuepause %%p",
411 lpcfg_string_set(ctx, &pService->queuepause_command,
412 tmp ? tmp : "vlp queuepause %p");
414 tmp = talloc_asprintf(tmp_ctx, "vlp %s queueresume %%p",
416 lpcfg_string_set(ctx, &pService->queueresume_command,
417 tmp ? tmp : "vlp queueresume %p");
418 TALLOC_FREE(tmp_ctx);
422 #endif /* DEVELOPER */
427 * Function to return the default value for the maximum number of open
428 * file descriptors permitted. This function tries to consult the
429 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
430 * the smaller of those.
432 static int max_open_files(void)
434 int sysctl_max = MAX_OPEN_FILES;
435 int rlimit_max = MAX_OPEN_FILES;
437 #ifdef HAVE_SYSCTLBYNAME
439 size_t size = sizeof(sysctl_max);
440 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
445 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
451 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
452 rlimit_max = rl.rlim_cur;
454 #if defined(RLIM_INFINITY)
455 if(rl.rlim_cur == RLIM_INFINITY)
456 rlimit_max = MAX_OPEN_FILES;
461 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
462 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
463 "minimum Windows limit (%d)\n",
465 MIN_OPEN_FILES_WINDOWS));
466 sysctl_max = MIN_OPEN_FILES_WINDOWS;
469 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
470 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
471 "minimum Windows limit (%d)\n",
473 MIN_OPEN_FILES_WINDOWS));
474 rlimit_max = MIN_OPEN_FILES_WINDOWS;
477 return MIN(sysctl_max, rlimit_max);
481 * Common part of freeing allocated data for one parameter.
483 static void free_one_parameter_common(void *parm_ptr,
484 struct parm_struct parm)
486 if ((parm.type == P_STRING) ||
487 (parm.type == P_USTRING))
489 string_free((char**)parm_ptr);
490 } else if (parm.type == P_LIST) {
491 TALLOC_FREE(*((char***)parm_ptr));
496 * Free the allocated data for one parameter for a share
497 * given as a service struct.
499 static void free_one_parameter(struct loadparm_service *service,
500 struct parm_struct parm)
504 if (parm.p_class != P_LOCAL) {
508 parm_ptr = lp_parm_ptr(service, &parm);
510 free_one_parameter_common(parm_ptr, parm);
514 * Free the allocated parameter data of a share given
515 * as a service struct.
517 static void free_parameters(struct loadparm_service *service)
521 for (i=0; parm_table[i].label; i++) {
522 free_one_parameter(service, parm_table[i]);
527 * Free the allocated data for one parameter for a given share
528 * specified by an snum.
530 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
535 parm_ptr = lp_parm_ptr(NULL, &parm);
536 } else if (parm.p_class != P_LOCAL) {
539 parm_ptr = lp_local_ptr_by_snum(snum, &parm);
542 free_one_parameter_common(parm_ptr, parm);
546 * Free the allocated parameter data for a share specified
549 static void free_parameters_by_snum(int snum)
553 for (i=0; parm_table[i].label; i++) {
554 free_one_parameter_by_snum(snum, parm_table[i]);
559 * Free the allocated global parameters.
561 static void free_global_parameters(void)
563 free_param_opts(&Globals.param_opt);
564 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
565 TALLOC_FREE(Globals.ctx);
568 struct lp_stored_option {
569 struct lp_stored_option *prev, *next;
574 static struct lp_stored_option *stored_options;
577 save options set by lp_set_cmdline() into a list. This list is
578 re-applied when we do a globals reset, so that cmdline set options
579 are sticky across reloads of smb.conf
581 static bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
583 struct lp_stored_option *entry, *entry_next;
584 for (entry = stored_options; entry != NULL; entry = entry_next) {
585 entry_next = entry->next;
586 if (strcmp(pszParmName, entry->label) == 0) {
587 DLIST_REMOVE(stored_options, entry);
593 entry = talloc(NULL, struct lp_stored_option);
598 entry->label = talloc_strdup(entry, pszParmName);
604 entry->value = talloc_strdup(entry, pszParmValue);
610 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
615 static bool apply_lp_set_cmdline(void)
617 struct lp_stored_option *entry = NULL;
618 for (entry = stored_options; entry != NULL; entry = entry->next) {
619 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
620 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
621 entry->label, entry->value));
628 /***************************************************************************
629 Initialise the global parameter structure.
630 ***************************************************************************/
632 static void init_globals(bool reinit_globals)
634 static bool done_init = false;
638 /* If requested to initialize only once and we've already done it... */
639 if (!reinit_globals && done_init) {
640 /* ... then we have nothing more to do */
645 /* The logfile can be set before this is invoked. Free it if so. */
646 if (Globals.logfile != NULL) {
647 string_free(&Globals.logfile);
648 Globals.logfile = NULL;
652 free_global_parameters();
655 /* This memset and the free_global_parameters() above will
656 * wipe out smb.conf options set with lp_set_cmdline(). The
657 * apply_lp_set_cmdline() call puts these values back in the
658 * table once the defaults are set */
659 ZERO_STRUCT(Globals);
661 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
663 for (i = 0; parm_table[i].label; i++) {
664 if ((parm_table[i].type == P_STRING ||
665 parm_table[i].type == P_USTRING))
667 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
672 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
673 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
675 init_printer_values(Globals.ctx, &sDefault);
677 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
679 DEBUG(3, ("Initialising global parameters\n"));
681 /* Must manually force to upper case here, as this does not go via the handler */
682 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
684 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
685 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
687 /* use the new 'hash2' method by default, with a prefix of 1 */
688 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
689 Globals.mangle_prefix = 1;
691 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
693 /* using UTF8 by default allows us to support all chars */
694 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
696 /* Use codepage 850 as a default for the dos character set */
697 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
700 * Allow the default PASSWD_CHAT to be overridden in local.h.
702 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
704 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
706 string_set(Globals.ctx, &Globals.passwd_program, "");
707 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
708 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
709 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
710 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
711 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
713 * By default support explicit binding to broadcast
716 Globals.nmbd_bind_explicit_broadcast = true;
718 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
720 smb_panic("init_globals: ENOMEM");
722 string_set(Globals.ctx, &Globals.server_string, s);
725 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
728 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
730 string_set(Globals.ctx, &Globals.logon_drive, "");
731 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
732 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
733 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
735 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
736 string_set(Globals.ctx, &Globals.password_server, "*");
738 Globals.algorithmic_rid_base = BASE_RID;
740 Globals.load_printers = true;
741 Globals.printcap_cache_time = 750; /* 12.5 minutes */
743 Globals.config_backend = config_backend;
744 Globals._server_role = ROLE_AUTO;
746 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
747 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
748 Globals.max_xmit = 0x4104;
749 Globals.max_mux = 50; /* This is *needed* for profile support. */
750 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
751 Globals._disable_spoolss = false;
752 Globals.max_smbd_processes = 0;/* no limit specified */
753 Globals.username_level = 0;
754 Globals.deadtime = 0;
755 Globals.getwd_cache = true;
756 Globals.large_readwrite = true;
757 Globals.max_log_size = 5000;
758 Globals.max_open_files = max_open_files();
759 Globals.server_max_protocol = PROTOCOL_SMB3_00;
760 Globals.server_min_protocol = PROTOCOL_LANMAN1;
761 Globals.client_max_protocol = PROTOCOL_NT1;
762 Globals.client_min_protocol = PROTOCOL_CORE;
763 Globals._security = SEC_AUTO;
764 Globals.encrypt_passwords = true;
765 Globals.client_schannel = Auto;
766 Globals.winbind_sealed_pipes = true;
767 Globals.require_strong_key = true;
768 Globals.server_schannel = Auto;
769 Globals.read_raw = true;
770 Globals.write_raw = true;
771 Globals.null_passwords = false;
772 Globals.old_password_allowed_period = 60;
773 Globals.obey_pam_restrictions = false;
775 Globals.syslog_only = false;
776 Globals.timestamp_logs = true;
777 string_set(Globals.ctx, &Globals.log_level, "0");
778 Globals.debug_prefix_timestamp = false;
779 Globals.debug_hires_timestamp = true;
780 Globals.debug_pid = false;
781 Globals.debug_uid = false;
782 Globals.debug_class = false;
783 Globals.enable_core_files = true;
784 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
785 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
786 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
787 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
788 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
789 Globals.lm_interval = 60;
790 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
791 Globals.nis_homedir = false;
792 #ifdef WITH_NISPLUS_HOME
793 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
795 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
798 Globals.time_server = false;
799 Globals.bind_interfaces_only = false;
800 Globals.unix_password_sync = false;
801 Globals.pam_password_change = false;
802 Globals.passwd_chat_debug = false;
803 Globals.passwd_chat_timeout = 2; /* 2 second default. */
804 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
805 Globals.nt_status_support = true; /* Use NT status by default. */
806 Globals.stat_cache = true; /* use stat cache by default */
807 Globals.max_stat_cache_size = 256; /* 256k by default */
808 Globals.restrict_anonymous = 0;
809 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
810 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
811 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
812 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
813 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
814 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
816 Globals.map_to_guest = 0; /* By Default, "Never" */
817 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
818 Globals.enhanced_browsing = true;
819 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
820 #ifdef MMAP_BLACKLIST
821 Globals.use_mmap = false;
823 Globals.use_mmap = true;
825 Globals.unicode = true;
826 Globals.unix_extensions = true;
827 Globals.reset_on_zero_vc = false;
828 Globals.log_writeable_files_on_exit = false;
829 Globals.create_krb5_conf = true;
830 Globals.winbindMaxDomainConnections = 1;
832 /* hostname lookups can be very expensive and are broken on
833 a large number of sites (tridge) */
834 Globals.hostname_lookups = false;
836 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
837 string_set(Globals.ctx, &Globals.ldap_suffix, "");
838 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
839 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
840 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
841 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
843 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
844 Globals.ldap_ssl = LDAP_SSL_START_TLS;
845 Globals.ldap_ssl_ads = false;
846 Globals.ldap_deref = -1;
847 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
848 Globals.ldap_delete_dn = false;
849 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
850 Globals.ldap_follow_referral = Auto;
851 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
852 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
853 Globals.ldap_page_size = LDAP_PAGE_SIZE;
855 Globals.ldap_debug_level = 0;
856 Globals.ldap_debug_threshold = 10;
858 /* This is what we tell the afs client. in reality we set the token
859 * to never expire, though, when this runs out the afs client will
860 * forget the token. Set to 0 to get NEVERDATE.*/
861 Globals.afs_token_lifetime = 604800;
862 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
864 /* these parameters are set to defaults that are more appropriate
865 for the increasing samba install base:
867 as a member of the workgroup, that will possibly become a
868 _local_ master browser (lm = true). this is opposed to a forced
869 local master browser startup (pm = true).
871 doesn't provide WINS server service by default (wsupp = false),
872 and doesn't provide domain master browser services by default, either.
876 Globals.show_add_printer_wizard = true;
877 Globals.os_level = 20;
878 Globals.local_master = true;
879 Globals._domain_master = Auto; /* depending on _domain_logons */
880 Globals._domain_logons = false;
881 Globals.browse_list = true;
882 Globals.we_are_a_wins_server = false;
883 Globals.wins_proxy = false;
885 TALLOC_FREE(Globals.init_logon_delayed_hosts);
886 Globals.init_logon_delay = 100; /* 100 ms default delay */
888 Globals.wins_dns_proxy = true;
890 Globals.allow_trusted_domains = true;
891 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
893 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
894 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
895 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
896 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
898 string_set(Globals.ctx, &Globals.cups_server, "");
899 string_set(Globals.ctx, &Globals.iprint_server, "");
901 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
903 Globals.cluster_addresses = NULL;
904 Globals.clustering = false;
905 Globals.ctdb_timeout = 0;
906 Globals.ctdb_locktime_warn_threshold = 0;
908 Globals.winbind_cache_time = 300; /* 5 minutes */
909 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
910 Globals.winbind_max_clients = 200;
911 Globals.winbind_enum_users = false;
912 Globals.winbind_enum_groups = false;
913 Globals.winbind_use_default_domain = false;
914 Globals.winbind_trusted_domains_only = false;
915 Globals.winbind_nested_groups = true;
916 Globals.winbind_expand_groups = 1;
917 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
918 Globals.winbind_refresh_tickets = false;
919 Globals.winbind_offline_logon = false;
921 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
922 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
924 Globals.passdb_expand_explicit = false;
926 Globals.name_cache_timeout = 660; /* In seconds */
928 Globals.use_spnego = true;
929 Globals.client_use_spnego = true;
931 Globals.client_signing = SMB_SIGNING_DEFAULT;
932 Globals.server_signing = SMB_SIGNING_DEFAULT;
934 Globals.defer_sharing_violations = true;
935 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
937 Globals.enable_privileges = true;
938 Globals.host_msdfs = true;
939 Globals.enable_asu_support = false;
941 /* User defined shares. */
942 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
944 smb_panic("init_globals: ENOMEM");
946 string_set(Globals.ctx, &Globals.usershare_path, s);
948 string_set(Globals.ctx, &Globals.usershare_template_share, "");
949 Globals.usershare_max_shares = 0;
950 /* By default disallow sharing of directories not owned by the sharer. */
951 Globals.usershare_owner_only = true;
952 /* By default disallow guest access to usershares. */
953 Globals.usershare_allow_guests = false;
955 Globals.keepalive = DEFAULT_KEEPALIVE;
957 /* By default no shares out of the registry */
958 Globals.registry_shares = false;
960 Globals.iminreceivefile = 0;
962 Globals.map_untrusted_to_domain = false;
963 Globals.multicast_dns_register = true;
965 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
966 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
967 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
968 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
970 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
972 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns", NULL);
974 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
976 Globals.tls_enabled = true;
978 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
979 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
980 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
982 string_set(Globals.ctx, &Globals.share_backend, "classic");
984 Globals.iPreferredMaster = Auto;
986 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
988 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
990 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
992 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
994 smb_panic("init_globals: ENOMEM");
996 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
999 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
1001 smb_panic("init_globals: ENOMEM");
1003 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1006 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
1008 smb_panic("init_globals: ENOMEM");
1010 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1013 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
1015 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
1017 Globals.cldap_port = 389;
1019 Globals.dgram_port = 138;
1021 Globals.nbt_port = 137;
1023 Globals.krb5_port = 88;
1025 Globals.kpasswd_port = 464;
1027 Globals.web_port = 901;
1029 /* Now put back the settings that were set with lp_set_cmdline() */
1030 apply_lp_set_cmdline();
1033 /*******************************************************************
1034 Convenience routine to grab string parameters into talloced memory
1035 and run standard_sub_basic on them. The buffers can be written to by
1036 callers without affecting the source string.
1037 ********************************************************************/
1039 char *lp_string(TALLOC_CTX *ctx, const char *s)
1043 /* The follow debug is useful for tracking down memory problems
1044 especially if you have an inner loop that is calling a lp_*()
1045 function that returns a string. Perhaps this debug should be
1046 present all the time? */
1049 DEBUG(10, ("lp_string(%s)\n", s));
1055 ret = talloc_sub_basic(ctx,
1056 get_current_username(),
1057 current_user_info.domain,
1059 if (trim_char(ret, '\"', '\"')) {
1060 if (strchr(ret,'\"') != NULL) {
1062 ret = talloc_sub_basic(ctx,
1063 get_current_username(),
1064 current_user_info.domain,
1072 In this section all the functions that are used to access the
1073 parameters from the rest of the program are defined
1076 #define FN_GLOBAL_STRING(fn_name,ptr) \
1077 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1078 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1079 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1080 #define FN_GLOBAL_LIST(fn_name,ptr) \
1081 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1082 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1083 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1084 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1085 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1086 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1087 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1089 #define FN_LOCAL_STRING(fn_name,val) \
1090 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1091 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1092 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1093 #define FN_LOCAL_LIST(fn_name,val) \
1094 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1095 #define FN_LOCAL_BOOL(fn_name,val) \
1096 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1097 #define FN_LOCAL_INTEGER(fn_name,val) \
1098 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1100 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1101 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1102 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1103 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1104 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1105 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1107 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1108 winbindMaxDomainConnections)
1110 int lp_winbind_max_domain_connections(void)
1112 if (lp_winbind_offline_logon() &&
1113 lp_winbind_max_domain_connections_int() > 1) {
1114 DEBUG(1, ("offline logons active, restricting max domain "
1115 "connections to 1\n"));
1118 return MAX(1, lp_winbind_max_domain_connections_int());
1121 int lp_smb2_max_credits(void)
1123 if (Globals.ismb2_max_credits == 0) {
1124 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1126 return Globals.ismb2_max_credits;
1128 int lp_cups_encrypt(void)
1131 #ifdef HAVE_HTTPCONNECTENCRYPT
1132 switch (Globals.CupsEncrypt) {
1134 result = HTTP_ENCRYPT_REQUIRED;
1137 result = HTTP_ENCRYPT_ALWAYS;
1140 result = HTTP_ENCRYPT_NEVER;
1147 /* These functions remain in source3/param for now */
1149 #include "lib/param/param_functions.c"
1151 FN_LOCAL_STRING(servicename, szService)
1152 FN_LOCAL_CONST_STRING(const_servicename, szService)
1154 /* These functions cannot be auto-generated */
1155 FN_LOCAL_BOOL(autoloaded, autoloaded)
1157 /* local prototypes */
1159 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1160 static const char *get_boolean(bool bool_value);
1161 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1163 static bool do_section(const char *pszSectionName, void *userdata);
1164 static bool hash_a_service(const char *name, int number);
1165 static void free_service_byindex(int iService);
1166 static void show_parameter(int parmIndex);
1167 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1170 * This is a helper function for parametrical options support. It returns a
1171 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1172 * parametrical functions are quite simple
1174 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1177 if (snum >= iNumServices) return NULL;
1180 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1182 return get_parametric_helper(ServicePtrs[snum],
1183 type, option, Globals.param_opt);
1188 #define MISSING_PARAMETER(name) \
1189 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1191 /*******************************************************************
1192 convenience routine to return enum parameters.
1193 ********************************************************************/
1194 static int lp_enum(const char *s,const struct enum_list *_enum)
1198 if (!s || !*s || !_enum) {
1199 MISSING_PARAMETER(lp_enum);
1203 for (i=0; _enum[i].name; i++) {
1204 if (strequal(_enum[i].name,s))
1205 return _enum[i].value;
1208 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1212 #undef MISSING_PARAMETER
1214 /* Return parametric option from a given service. Type is a part of option before ':' */
1215 /* Parametric option has following syntax: 'Type: option = value' */
1216 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1218 struct parmlist_entry *data = get_parametrics(snum, type, option);
1220 if (data == NULL||data->value==NULL) {
1222 return lp_string(ctx, def);
1228 return lp_string(ctx, data->value);
1231 /* Return parametric option from a given service. Type is a part of option before ':' */
1232 /* Parametric option has following syntax: 'Type: option = value' */
1233 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1235 struct parmlist_entry *data = get_parametrics(snum, type, option);
1237 if (data == NULL||data->value==NULL)
1244 /* Return parametric option from a given service. Type is a part of option before ':' */
1245 /* Parametric option has following syntax: 'Type: option = value' */
1247 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1249 struct parmlist_entry *data = get_parametrics(snum, type, option);
1251 if (data == NULL||data->value==NULL)
1252 return (const char **)def;
1254 if (data->list==NULL) {
1255 data->list = str_list_make_v3(NULL, data->value, NULL);
1258 return (const char **)data->list;
1261 /* Return parametric option from a given service. Type is a part of option before ':' */
1262 /* Parametric option has following syntax: 'Type: option = value' */
1264 int lp_parm_int(int snum, const char *type, const char *option, int def)
1266 struct parmlist_entry *data = get_parametrics(snum, type, option);
1268 if (data && data->value && *data->value)
1269 return lp_int(data->value);
1274 /* Return parametric option from a given service. Type is a part of option before ':' */
1275 /* Parametric option has following syntax: 'Type: option = value' */
1277 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1279 struct parmlist_entry *data = get_parametrics(snum, type, option);
1281 if (data && data->value && *data->value)
1282 return lp_ulong(data->value);
1287 /* Return parametric option from a given service. Type is a part of option before ':' */
1288 /* Parametric option has following syntax: 'Type: option = value' */
1290 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1292 struct parmlist_entry *data = get_parametrics(snum, type, option);
1294 if (data && data->value && *data->value)
1295 return lp_bool(data->value);
1300 /* Return parametric option from a given service. Type is a part of option before ':' */
1301 /* Parametric option has following syntax: 'Type: option = value' */
1303 int lp_parm_enum(int snum, const char *type, const char *option,
1304 const struct enum_list *_enum, int def)
1306 struct parmlist_entry *data = get_parametrics(snum, type, option);
1308 if (data && data->value && *data->value && _enum)
1309 return lp_enum(data->value, _enum);
1315 * free a param_opts structure.
1316 * param_opts handling should be moved to talloc;
1317 * then this whole functions reduces to a TALLOC_FREE().
1320 static void free_param_opts(struct parmlist_entry **popts)
1322 struct parmlist_entry *opt, *next_opt;
1324 if (*popts != NULL) {
1325 DEBUG(5, ("Freeing parametrics:\n"));
1328 while (opt != NULL) {
1329 string_free(&opt->key);
1330 string_free(&opt->value);
1331 TALLOC_FREE(opt->list);
1332 next_opt = opt->next;
1339 /***************************************************************************
1340 Free the dynamically allocated parts of a service struct.
1341 ***************************************************************************/
1343 static void free_service(struct loadparm_service *pservice)
1348 if (pservice->szService)
1349 DEBUG(5, ("free_service: Freeing service %s\n",
1350 pservice->szService));
1352 free_parameters(pservice);
1354 string_free(&pservice->szService);
1355 TALLOC_FREE(pservice->copymap);
1357 free_param_opts(&pservice->param_opt);
1359 ZERO_STRUCTP(pservice);
1363 /***************************************************************************
1364 remove a service indexed in the ServicePtrs array from the ServiceHash
1365 and free the dynamically allocated parts
1366 ***************************************************************************/
1368 static void free_service_byindex(int idx)
1370 if ( !LP_SNUM_OK(idx) )
1373 ServicePtrs[idx]->valid = false;
1375 /* we have to cleanup the hash record */
1377 if (ServicePtrs[idx]->szService) {
1378 char *canon_name = canonicalize_servicename(
1380 ServicePtrs[idx]->szService );
1382 dbwrap_delete_bystring(ServiceHash, canon_name );
1383 TALLOC_FREE(canon_name);
1386 free_service(ServicePtrs[idx]);
1387 talloc_free_children(ServicePtrs[idx]);
1390 /***************************************************************************
1391 Add a new service to the services array initialising it with the given
1393 ***************************************************************************/
1395 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1398 int num_to_alloc = iNumServices + 1;
1399 struct loadparm_service **tsp = NULL;
1401 /* it might already exist */
1403 i = getservicebyname(name, NULL);
1409 /* if not, then create one */
1411 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1413 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1417 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1418 if (!ServicePtrs[iNumServices]) {
1419 DEBUG(0,("add_a_service: out of memory!\n"));
1424 ServicePtrs[i]->valid = true;
1426 copy_service(ServicePtrs[i], pservice, NULL);
1428 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1430 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1431 i, ServicePtrs[i]->szService));
1433 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1440 /***************************************************************************
1441 Convert a string to uppercase and remove whitespaces.
1442 ***************************************************************************/
1444 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1449 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1453 result = talloc_strdup(ctx, src);
1454 SMB_ASSERT(result != NULL);
1456 if (!strlower_m(result)) {
1457 TALLOC_FREE(result);
1463 /***************************************************************************
1464 Add a name/index pair for the services array to the hash table.
1465 ***************************************************************************/
1467 static bool hash_a_service(const char *name, int idx)
1471 if ( !ServiceHash ) {
1472 DEBUG(10,("hash_a_service: creating servicehash\n"));
1473 ServiceHash = db_open_rbt(NULL);
1474 if ( !ServiceHash ) {
1475 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1480 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1483 canon_name = canonicalize_servicename(talloc_tos(), name );
1485 dbwrap_store_bystring(ServiceHash, canon_name,
1486 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1489 TALLOC_FREE(canon_name);
1494 /***************************************************************************
1495 Add a new home service, with the specified home directory, defaults coming
1497 ***************************************************************************/
1499 bool lp_add_home(const char *pszHomename, int iDefaultService,
1500 const char *user, const char *pszHomedir)
1504 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1505 pszHomedir[0] == '\0') {
1509 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1514 if (!(*(ServicePtrs[iDefaultService]->path))
1515 || strequal(ServicePtrs[iDefaultService]->path,
1516 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1517 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1520 if (!(*(ServicePtrs[i]->comment))) {
1521 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1522 if (comment == NULL) {
1525 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1526 TALLOC_FREE(comment);
1529 /* set the browseable flag from the global default */
1531 ServicePtrs[i]->browseable = sDefault.browseable;
1532 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1534 ServicePtrs[i]->autoloaded = true;
1536 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1537 user, ServicePtrs[i]->path ));
1542 /***************************************************************************
1543 Add a new service, based on an old one.
1544 ***************************************************************************/
1546 int lp_add_service(const char *pszService, int iDefaultService)
1548 if (iDefaultService < 0) {
1549 return add_a_service(&sDefault, pszService);
1552 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1555 /***************************************************************************
1556 Add the IPC service.
1557 ***************************************************************************/
1559 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1561 char *comment = NULL;
1562 int i = add_a_service(&sDefault, ipc_name);
1567 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1568 Globals.server_string);
1569 if (comment == NULL) {
1573 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1574 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1575 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1576 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1577 ServicePtrs[i]->max_connections = 0;
1578 ServicePtrs[i]->bAvailable = true;
1579 ServicePtrs[i]->read_only = true;
1580 ServicePtrs[i]->guest_only = false;
1581 ServicePtrs[i]->administrative_share = true;
1582 ServicePtrs[i]->guest_ok = guest_ok;
1583 ServicePtrs[i]->printable = false;
1584 ServicePtrs[i]->browseable = sDefault.browseable;
1586 DEBUG(3, ("adding IPC service\n"));
1588 TALLOC_FREE(comment);
1592 /***************************************************************************
1593 Add a new printer service, with defaults coming from service iFrom.
1594 ***************************************************************************/
1596 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1598 const char *comment = "From Printcap";
1599 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1604 /* note that we do NOT default the availability flag to true - */
1605 /* we take it from the default service passed. This allows all */
1606 /* dynamic printers to be disabled by disabling the [printers] */
1607 /* entry (if/when the 'available' keyword is implemented!). */
1609 /* the printer name is set to the service name. */
1610 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1611 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1613 /* set the browseable flag from the gloabl default */
1614 ServicePtrs[i]->browseable = sDefault.browseable;
1616 /* Printers cannot be read_only. */
1617 ServicePtrs[i]->read_only = false;
1618 /* No oplocks on printer services. */
1619 ServicePtrs[i]->oplocks = false;
1620 /* Printer services must be printable. */
1621 ServicePtrs[i]->printable = true;
1623 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1629 /***************************************************************************
1630 Check whether the given parameter name is valid.
1631 Parametric options (names containing a colon) are considered valid.
1632 ***************************************************************************/
1634 bool lp_parameter_is_valid(const char *pszParmName)
1636 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1637 (strchr(pszParmName, ':') != NULL));
1640 /***************************************************************************
1641 Check whether the given name is the name of a global parameter.
1642 Returns true for strings belonging to parameters of class
1643 P_GLOBAL, false for all other strings, also for parametric options
1644 and strings not belonging to any option.
1645 ***************************************************************************/
1647 bool lp_parameter_is_global(const char *pszParmName)
1649 int num = lpcfg_map_parameter(pszParmName);
1652 return (parm_table[num].p_class == P_GLOBAL);
1658 /**************************************************************************
1659 Check whether the given name is the canonical name of a parameter.
1660 Returns false if it is not a valid parameter Name.
1661 For parametric options, true is returned.
1662 **************************************************************************/
1664 bool lp_parameter_is_canonical(const char *parm_name)
1666 if (!lp_parameter_is_valid(parm_name)) {
1670 return (lpcfg_map_parameter(parm_name) ==
1671 map_parameter_canonical(parm_name, NULL));
1674 /**************************************************************************
1675 Determine the canonical name for a parameter.
1676 Indicate when it is an inverse (boolean) synonym instead of a
1678 **************************************************************************/
1680 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1685 if (!lp_parameter_is_valid(parm_name)) {
1690 num = map_parameter_canonical(parm_name, inverse);
1692 /* parametric option */
1693 *canon_parm = parm_name;
1695 *canon_parm = parm_table[num].label;
1702 /**************************************************************************
1703 Determine the canonical name for a parameter.
1704 Turn the value given into the inverse boolean expression when
1705 the synonym is an invers boolean synonym.
1707 Return true if parm_name is a valid parameter name and
1708 in case it is an invers boolean synonym, if the val string could
1709 successfully be converted to the reverse bool.
1710 Return false in all other cases.
1711 **************************************************************************/
1713 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1715 const char **canon_parm,
1716 const char **canon_val)
1721 if (!lp_parameter_is_valid(parm_name)) {
1727 num = map_parameter_canonical(parm_name, &inverse);
1729 /* parametric option */
1730 *canon_parm = parm_name;
1733 *canon_parm = parm_table[num].label;
1735 if (!lp_invert_boolean(val, canon_val)) {
1747 /***************************************************************************
1748 Map a parameter's string representation to the index of the canonical
1749 form of the parameter (it might be a synonym).
1750 Returns -1 if the parameter string is not recognised.
1751 ***************************************************************************/
1753 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1755 int parm_num, canon_num;
1756 bool loc_inverse = false;
1758 parm_num = lpcfg_map_parameter(pszParmName);
1759 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1760 /* invalid, parametric or no canidate for synonyms ... */
1764 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1765 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1766 parm_num = canon_num;
1772 if (inverse != NULL) {
1773 *inverse = loc_inverse;
1778 /***************************************************************************
1779 return true if parameter number parm1 is a synonym of parameter
1780 number parm2 (parm2 being the principal name).
1781 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1783 ***************************************************************************/
1785 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1787 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1788 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1789 (parm_table[parm1].flags & FLAG_HIDE) &&
1790 !(parm_table[parm2].flags & FLAG_HIDE))
1792 if (inverse != NULL) {
1793 if ((parm_table[parm1].type == P_BOOLREV) &&
1794 (parm_table[parm2].type == P_BOOL))
1806 /***************************************************************************
1807 Show one parameter's name, type, [values,] and flags.
1808 (helper functions for show_parameter_list)
1809 ***************************************************************************/
1811 static void show_parameter(int parmIndex)
1813 int enumIndex, flagIndex;
1818 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1819 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1821 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1822 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1824 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1825 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1826 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1828 printf("%s=%s", parm_table[parmIndex].label,
1829 type[parm_table[parmIndex].type]);
1830 if (parm_table[parmIndex].type == P_ENUM) {
1833 parm_table[parmIndex].enum_list[enumIndex].name;
1837 enumIndex ? "|" : "",
1838 parm_table[parmIndex].enum_list[enumIndex].name);
1843 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1844 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1847 flag_names[flagIndex]);
1852 /* output synonyms */
1854 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1855 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1856 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1857 parm_table[parmIndex2].label);
1858 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1860 printf(" (synonyms: ");
1865 printf("%s%s", parm_table[parmIndex2].label,
1866 inverse ? "[i]" : "");
1876 /***************************************************************************
1877 Show all parameter's name, type, [values,] and flags.
1878 ***************************************************************************/
1880 void show_parameter_list(void)
1882 int classIndex, parmIndex;
1883 const char *section_names[] = { "local", "global", NULL};
1885 for (classIndex=0; section_names[classIndex]; classIndex++) {
1886 printf("[%s]\n", section_names[classIndex]);
1887 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1888 if (parm_table[parmIndex].p_class == classIndex) {
1889 show_parameter(parmIndex);
1895 /***************************************************************************
1896 Get the standard string representation of a boolean value ("yes" or "no")
1897 ***************************************************************************/
1899 static const char *get_boolean(bool bool_value)
1901 static const char *yes_str = "yes";
1902 static const char *no_str = "no";
1904 return (bool_value ? yes_str : no_str);
1907 /***************************************************************************
1908 Provide the string of the negated boolean value associated to the boolean
1909 given as a string. Returns false if the passed string does not correctly
1910 represent a boolean.
1911 ***************************************************************************/
1913 bool lp_invert_boolean(const char *str, const char **inverse_str)
1917 if (!set_boolean(str, &val)) {
1921 *inverse_str = get_boolean(!val);
1925 /***************************************************************************
1926 Provide the canonical string representation of a boolean value given
1927 as a string. Return true on success, false if the string given does
1928 not correctly represent a boolean.
1929 ***************************************************************************/
1931 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1935 if (!set_boolean(str, &val)) {
1939 *canon_str = get_boolean(val);
1943 /***************************************************************************
1944 Find a service by name. Otherwise works like get_service.
1945 ***************************************************************************/
1947 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1954 if (ServiceHash == NULL) {
1958 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1960 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1963 if (NT_STATUS_IS_OK(status) &&
1964 (data.dptr != NULL) &&
1965 (data.dsize == sizeof(iService)))
1967 iService = *(int *)data.dptr;
1970 TALLOC_FREE(canon_name);
1972 if ((iService != -1) && (LP_SNUM_OK(iService))
1973 && (pserviceDest != NULL)) {
1974 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1980 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1981 struct loadparm_service *lp_service(const char *pszServiceName)
1983 int iService = getservicebyname(pszServiceName, NULL);
1984 if (iService == -1 || !LP_SNUM_OK(iService)) {
1987 return ServicePtrs[iService];
1990 struct loadparm_service *lp_servicebynum(int snum)
1992 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1995 return ServicePtrs[snum];
1998 struct loadparm_service *lp_default_loadparm_service()
2003 /***************************************************************************
2004 Check a service for consistency. Return false if the service is in any way
2005 incomplete or faulty, else true.
2006 ***************************************************************************/
2008 bool service_ok(int iService)
2013 if (ServicePtrs[iService]->szService[0] == '\0') {
2014 DEBUG(0, ("The following message indicates an internal error:\n"));
2015 DEBUG(0, ("No service name in service entry.\n"));
2019 /* The [printers] entry MUST be printable. I'm all for flexibility, but */
2020 /* I can't see why you'd want a non-printable printer service... */
2021 if (strwicmp(ServicePtrs[iService]->szService, PRINTERS_NAME) == 0) {
2022 if (!ServicePtrs[iService]->printable) {
2023 DEBUG(0, ("WARNING: [%s] service MUST be printable!\n",
2024 ServicePtrs[iService]->szService));
2025 ServicePtrs[iService]->printable = true;
2027 /* [printers] service must also be non-browsable. */
2028 if (ServicePtrs[iService]->browseable)
2029 ServicePtrs[iService]->browseable = false;
2032 if (ServicePtrs[iService]->path[0] == '\0' &&
2033 strwicmp(ServicePtrs[iService]->szService, HOMES_NAME) != 0 &&
2034 ServicePtrs[iService]->msdfs_proxy[0] == '\0'
2036 DEBUG(0, ("WARNING: No path in service %s - making it unavailable!\n",
2037 ServicePtrs[iService]->szService));
2038 ServicePtrs[iService]->bAvailable = false;
2041 /* If a service is flagged unavailable, log the fact at level 1. */
2042 if (!ServicePtrs[iService]->bAvailable)
2043 DEBUG(1, ("NOTE: Service %s is flagged unavailable.\n",
2044 ServicePtrs[iService]->szService));
2049 static struct smbconf_ctx *lp_smbconf_ctx(void)
2052 static struct smbconf_ctx *conf_ctx = NULL;
2054 if (conf_ctx == NULL) {
2055 err = smbconf_init(NULL, &conf_ctx, "registry:");
2056 if (!SBC_ERROR_IS_OK(err)) {
2057 DEBUG(1, ("error initializing registry configuration: "
2058 "%s\n", sbcErrorString(err)));
2066 static bool process_smbconf_service(struct smbconf_service *service)
2071 if (service == NULL) {
2075 ret = do_section(service->name, NULL);
2079 for (count = 0; count < service->num_params; count++) {
2080 ret = do_parameter(service->param_names[count],
2081 service->param_values[count],
2087 if (iServiceIndex >= 0) {
2088 return service_ok(iServiceIndex);
2094 * load a service from registry and activate it
2096 bool process_registry_service(const char *service_name)
2099 struct smbconf_service *service = NULL;
2100 TALLOC_CTX *mem_ctx = talloc_stackframe();
2101 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2104 if (conf_ctx == NULL) {
2108 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2110 if (!smbconf_share_exists(conf_ctx, service_name)) {
2112 * Registry does not contain data for this service (yet),
2113 * but make sure lp_load doesn't return false.
2119 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2120 if (!SBC_ERROR_IS_OK(err)) {
2124 ret = process_smbconf_service(service);
2130 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2133 TALLOC_FREE(mem_ctx);
2138 * process_registry_globals
2140 static bool process_registry_globals(void)
2144 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2146 ret = do_parameter("registry shares", "yes", NULL);
2151 return process_registry_service(GLOBAL_NAME);
2154 bool process_registry_shares(void)
2158 struct smbconf_service **service = NULL;
2159 uint32_t num_shares = 0;
2160 TALLOC_CTX *mem_ctx = talloc_stackframe();
2161 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2164 if (conf_ctx == NULL) {
2168 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2169 if (!SBC_ERROR_IS_OK(err)) {
2175 for (count = 0; count < num_shares; count++) {
2176 if (strequal(service[count]->name, GLOBAL_NAME)) {
2179 ret = process_smbconf_service(service[count]);
2186 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2189 TALLOC_FREE(mem_ctx);
2194 * reload those shares from registry that are already
2195 * activated in the services array.
2197 static bool reload_registry_shares(void)
2202 for (i = 0; i < iNumServices; i++) {
2207 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2211 ret = process_registry_service(ServicePtrs[i]->szService);
2222 #define MAX_INCLUDE_DEPTH 100
2224 static uint8_t include_depth;
2227 * Free the file lists
2229 static void free_file_list(void)
2231 struct file_lists *f;
2232 struct file_lists *next;
2245 * Utility function for outsiders to check if we're running on registry.
2247 bool lp_config_backend_is_registry(void)
2249 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2253 * Utility function to check if the config backend is FILE.
2255 bool lp_config_backend_is_file(void)
2257 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2260 /*******************************************************************
2261 Check if a config file has changed date.
2262 ********************************************************************/
2264 bool lp_file_list_changed(void)
2266 struct file_lists *f = file_lists;
2268 DEBUG(6, ("lp_file_list_changed()\n"));
2273 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2274 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2276 if (conf_ctx == NULL) {
2279 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2282 DEBUGADD(6, ("registry config changed\n"));
2287 n2 = talloc_sub_basic(talloc_tos(),
2288 get_current_username(),
2289 current_user_info.domain,
2294 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2295 f->name, n2, ctime(&f->modtime)));
2297 mod_time = file_modtime(n2);
2300 ((f->modtime != mod_time) ||
2301 (f->subfname == NULL) ||
2302 (strcmp(n2, f->subfname) != 0)))
2305 ("file %s modified: %s\n", n2,
2307 f->modtime = mod_time;
2308 TALLOC_FREE(f->subfname);
2309 f->subfname = talloc_strdup(f, n2);
2310 if (f->subfname == NULL) {
2311 smb_panic("talloc_strdup failed");
2325 * Initialize iconv conversion descriptors.
2327 * This is called the first time it is needed, and also called again
2328 * every time the configuration is reloaded, because the charset or
2329 * codepage might have changed.
2331 static void init_iconv(void)
2333 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2335 true, global_iconv_handle);
2338 /***************************************************************************
2339 Handle the include operation.
2340 ***************************************************************************/
2341 static bool bAllowIncludeRegistry = true;
2343 bool lp_include(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2347 if (include_depth >= MAX_INCLUDE_DEPTH) {
2348 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2353 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2354 if (!bAllowIncludeRegistry) {
2357 if (bInGlobalSection) {
2360 ret = process_registry_globals();
2364 DEBUG(1, ("\"include = registry\" only effective "
2365 "in %s section\n", GLOBAL_NAME));
2370 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2371 current_user_info.domain,
2374 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2377 string_set(Globals.ctx, ptr, fname);
2379 string_set(ServicePtrs[snum], ptr, fname);
2382 if (file_exist(fname)) {
2385 ret = pm_process(fname, do_section, do_parameter, NULL);
2391 DEBUG(2, ("Can't find include file %s\n", fname));
2396 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2398 char *config_option = NULL;
2399 const char *range = NULL;
2402 SMB_ASSERT(low != NULL);
2403 SMB_ASSERT(high != NULL);
2405 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2409 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2411 if (config_option == NULL) {
2412 DEBUG(0, ("out of memory\n"));
2416 range = lp_parm_const_string(-1, config_option, "range", NULL);
2417 if (range == NULL) {
2418 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2422 if (sscanf(range, "%u - %u", low, high) != 2) {
2423 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2424 range, domain_name));
2431 talloc_free(config_option);
2436 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2438 return lp_idmap_range("*", low, high);
2441 const char *lp_idmap_backend(const char *domain_name)
2443 char *config_option = NULL;
2444 const char *backend = NULL;
2446 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2450 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2452 if (config_option == NULL) {
2453 DEBUG(0, ("out of memory\n"));
2457 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2458 if (backend == NULL) {
2459 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2464 talloc_free(config_option);
2468 const char *lp_idmap_default_backend(void)
2470 return lp_idmap_backend("*");
2473 /***************************************************************************
2474 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2475 ***************************************************************************/
2477 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2479 const char *suffix_string;
2481 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2482 Globals.ldap_suffix );
2483 if ( !suffix_string ) {
2484 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2488 return suffix_string;
2491 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2493 if (Globals.szLdapMachineSuffix[0])
2494 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2496 return lp_string(ctx, Globals.ldap_suffix);
2499 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2501 if (Globals.szLdapUserSuffix[0])
2502 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2504 return lp_string(ctx, Globals.ldap_suffix);
2507 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2509 if (Globals.szLdapGroupSuffix[0])
2510 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2512 return lp_string(ctx, Globals.ldap_suffix);
2515 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2517 if (Globals.szLdapIdmapSuffix[0])
2518 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2520 return lp_string(ctx, Globals.ldap_suffix);
2524 return the parameter pointer for a parameter
2526 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2528 if (service == NULL) {
2529 if (parm->p_class == P_LOCAL)
2530 return (void *)(((char *)&sDefault)+parm->offset);
2531 else if (parm->p_class == P_GLOBAL)
2532 return (void *)(((char *)&Globals)+parm->offset);
2535 return (void *)(((char *)service) + parm->offset);
2539 /***************************************************************************
2540 Return the local pointer to a parameter given the service number and parameter
2541 ***************************************************************************/
2543 void *lp_local_ptr_by_snum(int snum, struct parm_struct *parm)
2545 return lp_parm_ptr(ServicePtrs[snum], parm);
2548 /***************************************************************************
2549 Process a parameter for a particular service number. If snum < 0
2550 then assume we are in the globals.
2551 ***************************************************************************/
2553 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2556 void *parm_ptr = NULL; /* where we are going to store the result */
2557 struct parmlist_entry **opt_list;
2558 TALLOC_CTX *mem_ctx;
2560 parmnum = lpcfg_map_parameter(pszParmName);
2563 if (strchr(pszParmName, ':') == NULL) {
2564 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
2570 * We've got a parametric option
2574 opt_list = &Globals.param_opt;
2575 set_param_opt(NULL, opt_list, pszParmName, pszParmValue, 0);
2577 opt_list = &ServicePtrs[snum]->param_opt;
2578 set_param_opt(ServicePtrs[snum], opt_list, pszParmName, pszParmValue, 0);
2584 /* if it's already been set by the command line, then we don't
2586 if (parm_table[parmnum].flags & FLAG_CMDLINE) {
2590 if (parm_table[parmnum].flags & FLAG_DEPRECATED) {
2591 DEBUG(1, ("WARNING: The \"%s\" option is deprecated\n",
2595 /* we might point at a service, the default service or a global */
2597 parm_ptr = lp_parm_ptr(NULL, &parm_table[parmnum]);
2599 if (parm_table[parmnum].p_class == P_GLOBAL) {
2601 ("Global parameter %s found in service section!\n",
2605 parm_ptr = lp_local_ptr_by_snum(snum, &parm_table[parmnum]);
2609 if (!ServicePtrs[snum]->copymap)
2610 init_copymap(ServicePtrs[snum]);
2612 /* this handles the aliases - set the copymap for other entries with
2613 the same data pointer */
2614 for (i = 0; parm_table[i].label; i++) {
2615 if ((parm_table[i].offset == parm_table[parmnum].offset)
2616 && (parm_table[i].p_class == parm_table[parmnum].p_class)) {
2617 bitmap_clear(ServicePtrs[snum]->copymap, i);
2620 mem_ctx = ServicePtrs[snum];
2622 mem_ctx = Globals.ctx;
2625 /* if it is a special case then go ahead */
2626 if (parm_table[parmnum].special) {
2628 struct loadparm_context *lp_ctx = loadparm_init_s3(talloc_tos(),
2629 loadparm_s3_helpers());
2630 lp_ctx->sDefault = &sDefault;
2631 lp_ctx->services = ServicePtrs;
2632 ok = parm_table[parmnum].special(lp_ctx, snum, pszParmValue,
2634 TALLOC_FREE(lp_ctx);
2639 /* now switch on the type of variable it is */
2640 switch (parm_table[parmnum].type)
2643 *(bool *)parm_ptr = lp_bool(pszParmValue);
2647 *(bool *)parm_ptr = !lp_bool(pszParmValue);
2651 *(int *)parm_ptr = lp_int(pszParmValue);
2655 *(char *)parm_ptr = *pszParmValue;
2659 i = sscanf(pszParmValue, "%o", (int *)parm_ptr);
2661 DEBUG ( 0, ("Invalid octal number %s\n", pszParmName ));
2668 if (conv_str_size_error(pszParmValue, &val)) {
2669 if (val <= INT_MAX) {
2670 *(int *)parm_ptr = (int)val;
2675 DEBUG(0,("lp_do_parameter(%s): value is not "
2676 "a valid size specifier!\n", pszParmValue));
2682 TALLOC_FREE(*((char ***)parm_ptr));
2683 *(char ***)parm_ptr = str_list_make_v3(
2684 NULL, pszParmValue, NULL);
2688 string_set(mem_ctx, (char **)parm_ptr, pszParmValue);
2693 char *upper_string = strupper_talloc(talloc_tos(),
2695 string_set(mem_ctx, (char **)parm_ptr, upper_string);
2696 TALLOC_FREE(upper_string);
2700 if (!lp_set_enum_parm(&parm_table[parmnum], pszParmValue, (int*)parm_ptr)) {
2711 /***************************************************************************
2712 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2713 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2714 ***************************************************************************/
2716 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2719 parmnum = lpcfg_map_parameter(pszParmName);
2721 parm_table[parmnum].flags &= ~FLAG_CMDLINE;
2722 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2725 parm_table[parmnum].flags |= FLAG_CMDLINE;
2727 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2728 * be grouped in the table, so we don't have to search the
2731 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2732 && parm_table[i].p_class == parm_table[parmnum].p_class;
2734 parm_table[i].flags |= FLAG_CMDLINE;
2736 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2737 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2738 parm_table[i].flags |= FLAG_CMDLINE;
2744 /* it might be parametric */
2745 if (strchr(pszParmName, ':') != NULL) {
2746 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2750 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2754 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2757 TALLOC_CTX *frame = talloc_stackframe();
2759 ret = lp_set_cmdline_helper(pszParmName, pszParmValue);
2761 store_lp_set_cmdline(pszParmName, pszParmValue);
2768 /***************************************************************************
2769 Process a parameter.
2770 ***************************************************************************/
2772 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2775 if (!bInGlobalSection && bGlobalOnly)
2778 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2780 return (lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2781 pszParmName, pszParmValue));
2784 /***************************************************************************
2785 Initialize any local variables in the sDefault table, after parsing a
2787 ***************************************************************************/
2789 static void init_locals(void)
2792 * We run this check once the [globals] is parsed, to force
2793 * the VFS objects and other per-share settings we need for
2794 * the standard way a AD DC is operated. We may change these
2795 * as our code evolves, which is why we force these settings.
2797 * We can't do this at the end of lp_load_ex(), as by that
2798 * point the services have been loaded and they will already
2799 * have "" as their vfs objects.
2801 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2802 const char **vfs_objects = lp_vfs_objects(-1);
2803 if (!vfs_objects || !vfs_objects[0]) {
2804 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2805 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2806 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2807 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2809 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2813 lp_do_parameter(-1, "map hidden", "no");
2814 lp_do_parameter(-1, "map system", "no");
2815 lp_do_parameter(-1, "map readonly", "no");
2816 lp_do_parameter(-1, "map archive", "no");
2817 lp_do_parameter(-1, "store dos attributes", "yes");
2821 /***************************************************************************
2822 Process a new section (service). At this stage all sections are services.
2823 Later we'll have special sections that permit server parameters to be set.
2824 Returns true on success, false on failure.
2825 ***************************************************************************/
2827 static bool do_section(const char *pszSectionName, void *userdata)
2830 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2831 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2834 /* if we were in a global section then do the local inits */
2835 if (bInGlobalSection && !isglobal)
2838 /* if we've just struck a global section, note the fact. */
2839 bInGlobalSection = isglobal;
2841 /* check for multiple global sections */
2842 if (bInGlobalSection) {
2843 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2847 if (!bInGlobalSection && bGlobalOnly)
2850 /* if we have a current service, tidy it up before moving on */
2853 if (iServiceIndex >= 0)
2854 bRetval = service_ok(iServiceIndex);
2856 /* if all is still well, move to the next record in the services array */
2858 /* We put this here to avoid an odd message order if messages are */
2859 /* issued by the post-processing of a previous section. */
2860 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2862 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2863 if (iServiceIndex < 0) {
2864 DEBUG(0, ("Failed to add a new service\n"));
2867 /* Clean all parametric options for service */
2868 /* They will be added during parsing again */
2869 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2876 /***************************************************************************
2877 Determine if a partcular base parameter is currentl set to the default value.
2878 ***************************************************************************/
2880 static bool is_default(int i)
2882 switch (parm_table[i].type) {
2885 return str_list_equal((const char * const *)parm_table[i].def.lvalue,
2886 *(const char ***)lp_parm_ptr(NULL,
2890 return strequal(parm_table[i].def.svalue,
2891 *(char **)lp_parm_ptr(NULL,
2895 return parm_table[i].def.bvalue ==
2896 *(bool *)lp_parm_ptr(NULL,
2899 return parm_table[i].def.cvalue ==
2900 *(char *)lp_parm_ptr(NULL,
2906 return parm_table[i].def.ivalue ==
2907 *(int *)lp_parm_ptr(NULL,
2915 /***************************************************************************
2916 Display the contents of the global structure.
2917 ***************************************************************************/
2919 static void dump_globals(FILE *f)
2922 struct parmlist_entry *data;
2924 fprintf(f, "[global]\n");
2926 for (i = 0; parm_table[i].label; i++)
2927 if (parm_table[i].p_class == P_GLOBAL &&
2928 !(parm_table[i].flags & FLAG_META) &&
2929 (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
2930 if (defaults_saved && is_default(i))
2932 fprintf(f, "\t%s = ", parm_table[i].label);
2933 lpcfg_print_parameter(&parm_table[i], lp_parm_ptr(NULL,
2938 if (Globals.param_opt != NULL) {
2939 data = Globals.param_opt;
2941 fprintf(f, "\t%s = %s\n", data->key, data->value);
2948 /***************************************************************************
2949 Display the contents of a single services record.
2950 ***************************************************************************/
2952 static void dump_a_service(struct loadparm_service *pService, FILE * f, bool show_defaults)
2954 return lpcfg_dump_a_service(pService, &sDefault, f, NULL, show_defaults);
2957 /***************************************************************************
2958 Display the contents of a parameter of a single services record.
2959 ***************************************************************************/
2961 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2963 bool result = false;
2965 struct loadparm_context *lp_ctx;
2967 lp_ctx = loadparm_init_s3(talloc_tos(), loadparm_s3_helpers());
2968 if (lp_ctx == NULL) {
2973 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2975 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2977 TALLOC_FREE(lp_ctx);
2981 /***************************************************************************
2982 Return info about the requested parameter (given as a string).
2983 Return NULL when the string is not a valid parameter name.
2984 ***************************************************************************/
2986 struct parm_struct *lp_get_parameter(const char *param_name)
2988 int num = lpcfg_map_parameter(param_name);
2994 return &parm_table[num];
2998 /***************************************************************************
2999 Display the contents of a single copy structure.
3000 ***************************************************************************/
3001 static void dump_copy_map(bool *pcopymap)
3007 printf("\n\tNon-Copied parameters:\n");
3009 for (i = 0; parm_table[i].label; i++)
3010 if (parm_table[i].p_class == P_LOCAL &&
3011 parm_table[i].ptr && !pcopymap[i] &&
3012 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
3014 printf("\t\t%s\n", parm_table[i].label);
3019 /***************************************************************************
3020 Return TRUE if the passed service number is within range.
3021 ***************************************************************************/
3023 bool lp_snum_ok(int iService)
3025 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
3028 /***************************************************************************
3029 Auto-load some home services.
3030 ***************************************************************************/
3032 static void lp_add_auto_services(char *str)
3042 s = talloc_strdup(talloc_tos(), str);
3044 smb_panic("talloc_strdup failed");
3048 homes = lp_servicenumber(HOMES_NAME);
3050 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
3051 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
3054 if (lp_servicenumber(p) >= 0)
3057 home = get_user_home_dir(talloc_tos(), p);
3059 if (home && home[0] && homes >= 0)
3060 lp_add_home(p, homes, p, home);
3067 /***************************************************************************
3068 Auto-load one printer.
3069 ***************************************************************************/
3071 void lp_add_one_printer(const char *name, const char *comment,
3072 const char *location, void *pdata)
3074 int printers = lp_servicenumber(PRINTERS_NAME);
3077 if (lp_servicenumber(name) < 0) {
3078 lp_add_printer(name, printers);
3079 if ((i = lp_servicenumber(name)) >= 0) {
3080 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
3081 ServicePtrs[i]->autoloaded = true;
3086 /***************************************************************************
3087 Have we loaded a services file yet?
3088 ***************************************************************************/
3090 bool lp_loaded(void)
3095 /***************************************************************************
3096 Unload unused services.
3097 ***************************************************************************/
3099 void lp_killunused(struct smbd_server_connection *sconn,
3100 bool (*snumused) (struct smbd_server_connection *, int))
3103 for (i = 0; i < iNumServices; i++) {
3107 /* don't kill autoloaded or usershare services */
3108 if ( ServicePtrs[i]->autoloaded ||
3109 ServicePtrs[i]->usershare == USERSHARE_VALID) {
3113 if (!snumused || !snumused(sconn, i)) {
3114 free_service_byindex(i);
3120 * Kill all except autoloaded and usershare services - convenience wrapper
3122 void lp_kill_all_services(void)
3124 lp_killunused(NULL, NULL);
3127 /***************************************************************************
3129 ***************************************************************************/
3131 void lp_killservice(int iServiceIn)
3133 if (VALID(iServiceIn)) {
3134 free_service_byindex(iServiceIn);
3138 /***************************************************************************
3139 Save the curent values of all global and sDefault parameters into the
3140 defaults union. This allows testparm to show only the
3141 changed (ie. non-default) parameters.
3142 ***************************************************************************/
3144 static void lp_save_defaults(void)
3147 for (i = 0; parm_table[i].label; i++) {
3148 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
3149 && parm_table[i].p_class == parm_table[i - 1].p_class)
3151 switch (parm_table[i].type) {
3154 parm_table[i].def.lvalue = str_list_copy(
3155 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
3159 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
3160 if (parm_table[i].def.svalue == NULL) {
3161 smb_panic("talloc_strdup failed");
3166 parm_table[i].def.bvalue =
3167 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
3170 parm_table[i].def.cvalue =
3171 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3177 parm_table[i].def.ivalue =
3178 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3184 defaults_saved = true;
3187 /***********************************************************
3188 If we should send plaintext/LANMAN passwords in the clinet
3189 ************************************************************/
3191 static void set_allowed_client_auth(void)
3193 if (Globals.client_ntlmv2_auth) {
3194 Globals.client_lanman_auth = false;
3196 if (!Globals.client_lanman_auth) {
3197 Globals.client_plaintext_auth = false;
3201 /***************************************************************************
3203 The following code allows smbd to read a user defined share file.
3204 Yes, this is my intent. Yes, I'm comfortable with that...
3206 THE FOLLOWING IS SECURITY CRITICAL CODE.
3208 It washes your clothes, it cleans your house, it guards you while you sleep...
3209 Do not f%^k with it....
3210 ***************************************************************************/
3212 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3214 /***************************************************************************
3215 Check allowed stat state of a usershare file.
3216 Ensure we print out who is dicking with us so the admin can
3217 get their sorry ass fired.
3218 ***************************************************************************/
3220 static bool check_usershare_stat(const char *fname,
3221 const SMB_STRUCT_STAT *psbuf)
3223 if (!S_ISREG(psbuf->st_ex_mode)) {
3224 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3225 "not a regular file\n",
3226 fname, (unsigned int)psbuf->st_ex_uid ));
3230 /* Ensure this doesn't have the other write bit set. */
3231 if (psbuf->st_ex_mode & S_IWOTH) {
3232 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3233 "public write. Refusing to allow as a usershare file.\n",
3234 fname, (unsigned int)psbuf->st_ex_uid ));
3238 /* Should be 10k or less. */
3239 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3240 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3241 "too large (%u) to be a user share file.\n",
3242 fname, (unsigned int)psbuf->st_ex_uid,
3243 (unsigned int)psbuf->st_ex_size ));
3250 /***************************************************************************
3251 Parse the contents of a usershare file.
3252 ***************************************************************************/
3254 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3255 SMB_STRUCT_STAT *psbuf,
3256 const char *servicename,
3260 char **pp_sharepath,
3262 char **pp_cp_servicename,
3263 struct security_descriptor **ppsd,
3266 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3267 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3270 SMB_STRUCT_STAT sbuf;
3271 char *sharepath = NULL;
3272 char *comment = NULL;
3274 *pp_sharepath = NULL;
3277 *pallow_guest = false;
3280 return USERSHARE_MALFORMED_FILE;
3283 if (strcmp(lines[0], "#VERSION 1") == 0) {
3285 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3288 return USERSHARE_MALFORMED_FILE;
3291 return USERSHARE_BAD_VERSION;
3294 if (strncmp(lines[1], "path=", 5) != 0) {
3295 return USERSHARE_MALFORMED_PATH;
3298 sharepath = talloc_strdup(ctx, &lines[1][5]);
3300 return USERSHARE_POSIX_ERR;
3302 trim_string(sharepath, " ", " ");
3304 if (strncmp(lines[2], "comment=", 8) != 0) {
3305 return USERSHARE_MALFORMED_COMMENT_DEF;
3308 comment = talloc_strdup(ctx, &lines[2][8]);
3310 return USERSHARE_POSIX_ERR;
3312 trim_string(comment, " ", " ");
3313 trim_char(comment, '"', '"');
3315 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3316 return USERSHARE_MALFORMED_ACL_DEF;
3319 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3320 return USERSHARE_ACL_ERR;
3324 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3325 return USERSHARE_MALFORMED_ACL_DEF;
3327 if (lines[4][9] == 'y') {
3328 *pallow_guest = true;
3331 /* Backwards compatible extension to file version #2. */
3333 if (strncmp(lines[5], "sharename=", 10) != 0) {
3334 return USERSHARE_MALFORMED_SHARENAME_DEF;
3336 if (!strequal(&lines[5][10], servicename)) {
3337 return USERSHARE_BAD_SHARENAME;
3339 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3340 if (!*pp_cp_servicename) {
3341 return USERSHARE_POSIX_ERR;
3346 if (*pp_cp_servicename == NULL) {
3347 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3348 if (!*pp_cp_servicename) {
3349 return USERSHARE_POSIX_ERR;
3353 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3354 /* Path didn't change, no checks needed. */
3355 *pp_sharepath = sharepath;
3356 *pp_comment = comment;
3357 return USERSHARE_OK;
3360 /* The path *must* be absolute. */
3361 if (sharepath[0] != '/') {
3362 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3363 servicename, sharepath));
3364 return USERSHARE_PATH_NOT_ABSOLUTE;
3367 /* If there is a usershare prefix deny list ensure one of these paths
3368 doesn't match the start of the user given path. */
3369 if (prefixdenylist) {
3371 for ( i=0; prefixdenylist[i]; i++ ) {
3372 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3373 servicename, i, prefixdenylist[i], sharepath ));
3374 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3375 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3376 "usershare prefix deny list entries.\n",
3377 servicename, sharepath));
3378 return USERSHARE_PATH_IS_DENIED;
3383 /* If there is a usershare prefix allow list ensure one of these paths
3384 does match the start of the user given path. */
3386 if (prefixallowlist) {
3388 for ( i=0; prefixallowlist[i]; i++ ) {
3389 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3390 servicename, i, prefixallowlist[i], sharepath ));
3391 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3395 if (prefixallowlist[i] == NULL) {
3396 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3397 "usershare prefix allow list entries.\n",
3398 servicename, sharepath));
3399 return USERSHARE_PATH_NOT_ALLOWED;
3403 /* Ensure this is pointing to a directory. */
3404 dp = opendir(sharepath);
3407 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3408 servicename, sharepath));
3409 return USERSHARE_PATH_NOT_DIRECTORY;
3412 /* Ensure the owner of the usershare file has permission to share
3415 if (sys_stat(sharepath, &sbuf, false) == -1) {
3416 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3417 servicename, sharepath, strerror(errno) ));
3419 return USERSHARE_POSIX_ERR;
3424 if (!S_ISDIR(sbuf.st_ex_mode)) {
3425 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3426 servicename, sharepath ));
3427 return USERSHARE_PATH_NOT_DIRECTORY;
3430 /* Check if sharing is restricted to owner-only. */
3431 /* psbuf is the stat of the usershare definition file,
3432 sbuf is the stat of the target directory to be shared. */
3434 if (lp_usershare_owner_only()) {
3435 /* root can share anything. */
3436 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3437 return USERSHARE_PATH_NOT_ALLOWED;
3441 *pp_sharepath = sharepath;
3442 *pp_comment = comment;
3443 return USERSHARE_OK;
3446 /***************************************************************************
3447 Deal with a usershare file.
3450 -1 - Bad name, invalid contents.
3451 - service name already existed and not a usershare, problem
3452 with permissions to share directory etc.
3453 ***************************************************************************/
3455 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3457 SMB_STRUCT_STAT sbuf;
3458 SMB_STRUCT_STAT lsbuf;
3460 char *sharepath = NULL;
3461 char *comment = NULL;
3462 char *cp_service_name = NULL;
3463 char **lines = NULL;
3467 TALLOC_CTX *ctx = talloc_stackframe();
3468 struct security_descriptor *psd = NULL;
3469 bool guest_ok = false;
3470 char *canon_name = NULL;
3471 bool added_service = false;
3474 /* Ensure share name doesn't contain invalid characters. */
3475 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3476 DEBUG(0,("process_usershare_file: share name %s contains "
3477 "invalid characters (any of %s)\n",
3478 file_name, INVALID_SHARENAME_CHARS ));
3482 canon_name = canonicalize_servicename(ctx, file_name);
3487 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3492 /* Minimize the race condition by doing an lstat before we
3493 open and fstat. Ensure this isn't a symlink link. */
3495 if (sys_lstat(fname, &lsbuf, false) != 0) {
3496 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3497 fname, strerror(errno) ));
3501 /* This must be a regular file, not a symlink, directory or
3502 other strange filetype. */
3503 if (!check_usershare_stat(fname, &lsbuf)) {
3511 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3516 if (NT_STATUS_IS_OK(status) &&
3517 (data.dptr != NULL) &&
3518 (data.dsize == sizeof(iService))) {
3519 memcpy(&iService, data.dptr, sizeof(iService));
3523 if (iService != -1 &&
3524 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3525 &lsbuf.st_ex_mtime) == 0) {
3526 /* Nothing changed - Mark valid and return. */
3527 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3529 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3534 /* Try and open the file read only - no symlinks allowed. */
3536 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3538 fd = open(fname, O_RDONLY, 0);
3542 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3543 fname, strerror(errno) ));
3547 /* Now fstat to be *SURE* it's a regular file. */
3548 if (sys_fstat(fd, &sbuf, false) != 0) {
3550 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3551 fname, strerror(errno) ));
3555 /* Is it the same dev/inode as was lstated ? */
3556 if (!check_same_stat(&lsbuf, &sbuf)) {
3558 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3559 "Symlink spoofing going on ?\n", fname ));
3563 /* This must be a regular file, not a symlink, directory or
3564 other strange filetype. */
3565 if (!check_usershare_stat(fname, &sbuf)) {
3570 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3573 if (lines == NULL) {
3574 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3575 fname, (unsigned int)sbuf.st_ex_uid ));
3579 if (parse_usershare_file(ctx, &sbuf, file_name,
3580 iService, lines, numlines, &sharepath,
3581 &comment, &cp_service_name,
3582 &psd, &guest_ok) != USERSHARE_OK) {
3586 /* Everything ok - add the service possibly using a template. */
3588 const struct loadparm_service *sp = &sDefault;
3589 if (snum_template != -1) {
3590 sp = ServicePtrs[snum_template];
3593 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3594 DEBUG(0, ("process_usershare_file: Failed to add "
3595 "new service %s\n", cp_service_name));
3599 added_service = true;
3601 /* Read only is controlled by usershare ACL below. */
3602 ServicePtrs[iService]->read_only = false;
3605 /* Write the ACL of the new/modified share. */
3606 if (!set_share_security(canon_name, psd)) {
3607 DEBUG(0, ("process_usershare_file: Failed to set share "
3608 "security for user share %s\n",
3613 /* If from a template it may be marked invalid. */
3614 ServicePtrs[iService]->valid = true;
3616 /* Set the service as a valid usershare. */
3617 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3619 /* Set guest access. */
3620 if (lp_usershare_allow_guests()) {
3621 ServicePtrs[iService]->guest_ok = guest_ok;
3624 /* And note when it was loaded. */
3625 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3626 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3627 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3633 if (ret == -1 && iService != -1 && added_service) {
3634 lp_remove_service(iService);
3642 /***************************************************************************
3643 Checks if a usershare entry has been modified since last load.
3644 ***************************************************************************/
3646 static bool usershare_exists(int iService, struct timespec *last_mod)
3648 SMB_STRUCT_STAT lsbuf;
3649 const char *usersharepath = Globals.usershare_path;
3652 fname = talloc_asprintf(talloc_tos(),
3655 ServicePtrs[iService]->szService);
3656 if (fname == NULL) {
3660 if (sys_lstat(fname, &lsbuf, false) != 0) {
3665 if (!S_ISREG(lsbuf.st_ex_mode)) {
3671 *last_mod = lsbuf.st_ex_mtime;
3675 /***************************************************************************
3676 Load a usershare service by name. Returns a valid servicenumber or -1.
3677 ***************************************************************************/
3679 int load_usershare_service(const char *servicename)
3681 SMB_STRUCT_STAT sbuf;
3682 const char *usersharepath = Globals.usershare_path;
3683 int max_user_shares = Globals.usershare_max_shares;
3684 int snum_template = -1;
3686 if (*usersharepath == 0 || max_user_shares == 0) {
3690 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3691 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3692 usersharepath, strerror(errno) ));
3696 if (!S_ISDIR(sbuf.st_ex_mode)) {
3697 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3703 * This directory must be owned by root, and have the 't' bit set.
3704 * It also must not be writable by "other".
3708 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3710 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3712 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3713 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3718 /* Ensure the template share exists if it's set. */
3719 if (Globals.usershare_template_share[0]) {
3720 /* We can't use lp_servicenumber here as we are recommending that
3721 template shares have -valid=false set. */
3722 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3723 if (ServicePtrs[snum_template]->szService &&
3724 strequal(ServicePtrs[snum_template]->szService,
3725 Globals.usershare_template_share)) {
3730 if (snum_template == -1) {
3731 DEBUG(0,("load_usershare_service: usershare template share %s "
3732 "does not exist.\n",
3733 Globals.usershare_template_share ));
3738 return process_usershare_file(usersharepath, servicename, snum_template);
3741 /***************************************************************************
3742 Load all user defined shares from the user share directory.
3743 We only do this if we're enumerating the share list.
3744 This is the function that can delete usershares that have
3746 ***************************************************************************/
3748 int load_usershare_shares(struct smbd_server_connection *sconn,
3749 bool (*snumused) (struct smbd_server_connection *, int))
3752 SMB_STRUCT_STAT sbuf;
3754 int num_usershares = 0;
3755 int max_user_shares = Globals.usershare_max_shares;
3756 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3757 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3758 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3760 int snum_template = -1;
3761 const char *usersharepath = Globals.usershare_path;
3762 int ret = lp_numservices();
3763 TALLOC_CTX *tmp_ctx;
3765 if (max_user_shares == 0 || *usersharepath == '\0') {
3766 return lp_numservices();
3769 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3770 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3771 usersharepath, strerror(errno) ));
3776 * This directory must be owned by root, and have the 't' bit set.
3777 * It also must not be writable by "other".
3781 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3783 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3785 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3786 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3791 /* Ensure the template share exists if it's set. */
3792 if (Globals.usershare_template_share[0]) {
3793 /* We can't use lp_servicenumber here as we are recommending that
3794 template shares have -valid=false set. */
3795 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3796 if (ServicePtrs[snum_template]->szService &&
3797 strequal(ServicePtrs[snum_template]->szService,
3798 Globals.usershare_template_share)) {
3803 if (snum_template == -1) {
3804 DEBUG(0,("load_usershare_shares: usershare template share %s "
3805 "does not exist.\n",
3806 Globals.usershare_template_share ));
3811 /* Mark all existing usershares as pending delete. */
3812 for (iService = iNumServices - 1; iService >= 0; iService--) {
3813 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3814 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3818 dp = opendir(usersharepath);
3820 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3821 usersharepath, strerror(errno) ));
3825 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3827 num_dir_entries++ ) {
3829 const char *n = de->d_name;
3831 /* Ignore . and .. */
3833 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3839 /* Temporary file used when creating a share. */
3840 num_tmp_dir_entries++;
3843 /* Allow 20% tmp entries. */
3844 if (num_tmp_dir_entries > allowed_tmp_entries) {
3845 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3846 "in directory %s\n",
3847 num_tmp_dir_entries, usersharepath));
3851 r = process_usershare_file(usersharepath, n, snum_template);
3853 /* Update the services count. */
3855 if (num_usershares >= max_user_shares) {
3856 DEBUG(0,("load_usershare_shares: max user shares reached "
3857 "on file %s in directory %s\n",
3858 n, usersharepath ));
3861 } else if (r == -1) {
3862 num_bad_dir_entries++;
3865 /* Allow 20% bad entries. */
3866 if (num_bad_dir_entries > allowed_bad_entries) {
3867 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3868 "in directory %s\n",
3869 num_bad_dir_entries, usersharepath));
3873 /* Allow 20% bad entries. */
3874 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3875 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3876 "in directory %s\n",
3877 num_dir_entries, usersharepath));
3884 /* Sweep through and delete any non-refreshed usershares that are
3885 not currently in use. */
3886 tmp_ctx = talloc_stackframe();
3887 for (iService = iNumServices - 1; iService >= 0; iService--) {
3888 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3891 if (snumused && snumused(sconn, iService)) {
3895 servname = lp_servicename(tmp_ctx, iService);
3897 /* Remove from the share ACL db. */
3898 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3900 delete_share_security(servname);
3901 free_service_byindex(iService);
3904 talloc_free(tmp_ctx);
3906 return lp_numservices();
3909 /********************************************************
3910 Destroy global resources allocated in this file
3911 ********************************************************/
3913 void gfree_loadparm(void)
3919 /* Free resources allocated to services */
3921 for ( i = 0; i < iNumServices; i++ ) {
3923 free_service_byindex(i);
3927 TALLOC_FREE( ServicePtrs );
3930 /* Now release all resources allocated to global
3931 parameters and the default service */
3933 free_global_parameters();
3937 /***************************************************************************
3938 Allow client apps to specify that they are a client
3939 ***************************************************************************/
3940 static void lp_set_in_client(bool b)
3946 /***************************************************************************
3947 Determine if we're running in a client app
3948 ***************************************************************************/
3949 static bool lp_is_in_client(void)
3954 /***************************************************************************
3955 Load the services array from the services file. Return true on success,
3957 ***************************************************************************/
3959 static bool lp_load_ex(const char *pszFname,
3963 bool initialize_globals,
3964 bool allow_include_registry,
3965 bool load_all_shares)
3972 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3974 bInGlobalSection = true;
3975 bGlobalOnly = global_only;
3976 bAllowIncludeRegistry = allow_include_registry;
3978 init_globals(initialize_globals);
3982 if (save_defaults) {
3987 if (!initialize_globals) {
3988 free_param_opts(&Globals.param_opt);
3989 apply_lp_set_cmdline();
3992 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3994 /* We get sections first, so have to start 'behind' to make up */
3997 if (lp_config_backend_is_file()) {
3998 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3999 current_user_info.domain,
4002 smb_panic("lp_load_ex: out of memory");
4005 add_to_file_list(NULL, &file_lists, pszFname, n2);
4007 bRetval = pm_process(n2, do_section, do_parameter, NULL);
4010 /* finish up the last section */
4011 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
4013 if (iServiceIndex >= 0) {
4014 bRetval = service_ok(iServiceIndex);
4018 if (lp_config_backend_is_registry()) {
4019 /* config backend changed to registry in config file */
4021 * We need to use this extra global variable here to
4022 * survive restart: init_globals uses this as a default
4023 * for config_backend. Otherwise, init_globals would
4024 * send us into an endless loop here.
4026 config_backend = CONFIG_BACKEND_REGISTRY;
4028 DEBUG(1, ("lp_load_ex: changing to config backend "
4031 lp_kill_all_services();
4032 return lp_load_ex(pszFname, global_only, save_defaults,
4033 add_ipc, initialize_globals,
4034 allow_include_registry,
4037 } else if (lp_config_backend_is_registry()) {
4038 bRetval = process_registry_globals();
4040 DEBUG(0, ("Illegal config backend given: %d\n",
4041 lp_config_backend()));
4045 if (bRetval && lp_registry_shares()) {
4046 if (load_all_shares) {
4047 bRetval = process_registry_shares();
4049 bRetval = reload_registry_shares();
4054 char *serv = lp_auto_services(talloc_tos());
4055 lp_add_auto_services(serv);
4060 /* When 'restrict anonymous = 2' guest connections to ipc$
4062 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
4063 if ( lp_enable_asu_support() ) {
4064 lp_add_ipc("ADMIN$", false);
4068 set_allowed_client_auth();
4070 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
4071 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
4072 lp_password_server()));
4077 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
4078 /* if we_are_a_wins_server is true and we are in the client */
4079 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
4080 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
4085 fault_configure(smb_panic_s3);
4088 * We run this check once the whole smb.conf is parsed, to
4089 * force some settings for the standard way a AD DC is
4090 * operated. We may changed these as our code evolves, which
4091 * is why we force these settings.
4093 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
4094 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
4096 lp_do_parameter(-1, "rpc_server:default", "external");
4097 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
4098 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
4099 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
4100 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
4101 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
4102 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
4103 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
4104 lp_do_parameter(-1, "rpc_server:tcpip", "no");
4107 bAllowIncludeRegistry = true;
4112 bool lp_load(const char *pszFname,
4116 bool initialize_globals)
4118 return lp_load_ex(pszFname,
4123 true, /* allow_include_registry */
4124 false); /* load_all_shares*/
4127 bool lp_load_initial_only(const char *pszFname)
4129 return lp_load_ex(pszFname,
4130 true, /* global only */
4131 false, /* save_defaults */
4132 false, /* add_ipc */
4133 true, /* initialize_globals */
4134 false, /* allow_include_registry */
4135 false); /* load_all_shares*/
4139 * most common lp_load wrapper, loading only the globals
4141 bool lp_load_global(const char *file_name)
4143 return lp_load_ex(file_name,
4144 true, /* global_only */
4145 false, /* save_defaults */
4146 false, /* add_ipc */
4147 true, /* initialize_globals */
4148 true, /* allow_include_registry */
4149 false); /* load_all_shares*/
4153 * lp_load wrapper, especially for clients
4155 bool lp_load_client(const char *file_name)
4157 lp_set_in_client(true);
4159 return lp_load_global(file_name);
4163 * lp_load wrapper, loading only globals, but intended
4164 * for subsequent calls, not reinitializing the globals
4167 bool lp_load_global_no_reinit(const char *file_name)
4169 return lp_load_ex(file_name,
4170 true, /* global_only */
4171 false, /* save_defaults */
4172 false, /* add_ipc */
4173 false, /* initialize_globals */
4174 true, /* allow_include_registry */
4175 false); /* load_all_shares*/
4179 * lp_load wrapper, especially for clients, no reinitialization
4181 bool lp_load_client_no_reinit(const char *file_name)
4183 lp_set_in_client(true);
4185 return lp_load_global_no_reinit(file_name);
4188 bool lp_load_with_registry_shares(const char *pszFname,
4192 bool initialize_globals)
4194 return lp_load_ex(pszFname,
4199 true, /* allow_include_registry */
4200 true); /* load_all_shares*/
4203 /***************************************************************************
4204 Return the max number of services.
4205 ***************************************************************************/
4207 int lp_numservices(void)
4209 return (iNumServices);
4212 /***************************************************************************
4213 Display the contents of the services array in human-readable form.
4214 ***************************************************************************/
4216 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4221 defaults_saved = false;
4225 dump_a_service(&sDefault, f, show_defaults);
4227 for (iService = 0; iService < maxtoprint; iService++) {
4229 lp_dump_one(f, show_defaults, iService);
4233 /***************************************************************************
4234 Display the contents of one service in human-readable form.
4235 ***************************************************************************/
4237 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4240 if (ServicePtrs[snum]->szService[0] == '\0')
4242 dump_a_service(ServicePtrs[snum], f, show_defaults);
4246 /***************************************************************************
4247 Return the number of the service with the given name, or -1 if it doesn't
4248 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4249 getservicebyname()! This works ONLY if all services have been loaded, and
4250 does not copy the found service.
4251 ***************************************************************************/
4253 int lp_servicenumber(const char *pszServiceName)
4256 fstring serviceName;
4258 if (!pszServiceName) {
4259 return GLOBAL_SECTION_SNUM;
4262 for (iService = iNumServices - 1; iService >= 0; iService--) {
4263 if (VALID(iService) && ServicePtrs[iService]->szService) {
4265 * The substitution here is used to support %U is
4268 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4269 standard_sub_basic(get_current_username(),
4270 current_user_info.domain,
4271 serviceName,sizeof(serviceName));
4272 if (strequal(serviceName, pszServiceName)) {
4278 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4279 struct timespec last_mod;
4281 if (!usershare_exists(iService, &last_mod)) {
4282 /* Remove the share security tdb entry for it. */
4283 delete_share_security(lp_servicename(talloc_tos(), iService));
4284 /* Remove it from the array. */
4285 free_service_byindex(iService);
4286 /* Doesn't exist anymore. */
4287 return GLOBAL_SECTION_SNUM;
4290 /* Has it been modified ? If so delete and reload. */
4291 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4293 /* Remove it from the array. */
4294 free_service_byindex(iService);
4295 /* and now reload it. */
4296 iService = load_usershare_service(pszServiceName);
4301 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4302 return GLOBAL_SECTION_SNUM;
4308 /*******************************************************************
4309 A useful volume label function.
4310 ********************************************************************/
4312 const char *volume_label(TALLOC_CTX *ctx, int snum)
4315 const char *label = lp_volume(ctx, snum);
4317 label = lp_servicename(ctx, snum);
4320 /* This returns a 33 byte guarenteed null terminated string. */
4321 ret = talloc_strndup(ctx, label, 32);
4328 /*******************************************************************
4329 Get the default server type we will announce as via nmbd.
4330 ********************************************************************/
4332 int lp_default_server_announce(void)
4334 int default_server_announce = 0;
4335 default_server_announce |= SV_TYPE_WORKSTATION;
4336 default_server_announce |= SV_TYPE_SERVER;
4337 default_server_announce |= SV_TYPE_SERVER_UNIX;
4339 /* note that the flag should be set only if we have a
4340 printer service but nmbd doesn't actually load the
4341 services so we can't tell --jerry */
4343 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4345 default_server_announce |= SV_TYPE_SERVER_NT;
4346 default_server_announce |= SV_TYPE_NT;
4348 switch (lp_server_role()) {
4349 case ROLE_DOMAIN_MEMBER:
4350 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4352 case ROLE_DOMAIN_PDC:
4353 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4355 case ROLE_DOMAIN_BDC:
4356 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4358 case ROLE_STANDALONE:
4362 if (lp_time_server())
4363 default_server_announce |= SV_TYPE_TIME_SOURCE;
4365 if (lp_host_msdfs())
4366 default_server_announce |= SV_TYPE_DFS_SERVER;
4368 return default_server_announce;
4371 /***********************************************************
4372 If we are PDC then prefer us as DMB
4373 ************************************************************/
4375 bool lp_domain_master(void)
4377 if (Globals._domain_master == Auto)
4378 return (lp_server_role() == ROLE_DOMAIN_PDC);
4380 return (bool)Globals._domain_master;
4383 /***********************************************************
4384 If we are PDC then prefer us as DMB
4385 ************************************************************/
4387 static bool lp_domain_master_true_or_auto(void)
4389 if (Globals._domain_master) /* auto or yes */
4395 /***********************************************************
4396 If we are DMB then prefer us as LMB
4397 ************************************************************/
4399 bool lp_preferred_master(void)
4401 if (Globals.iPreferredMaster == Auto)
4402 return (lp_local_master() && lp_domain_master());
4404 return (bool)Globals.iPreferredMaster;
4407 /*******************************************************************
4409 ********************************************************************/
4411 void lp_remove_service(int snum)
4413 ServicePtrs[snum]->valid = false;
4416 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4418 const char *ret = lp__printername(ctx, snum);
4419 if (ret == NULL || *ret == '\0') {
4420 ret = lp_const_servicename(snum);
4427 /***********************************************************
4428 Allow daemons such as winbindd to fix their logfile name.
4429 ************************************************************/
4431 void lp_set_logfile(const char *name)
4433 string_set(Globals.ctx, &Globals.logfile, name);
4434 debug_set_logfile(name);
4437 /*******************************************************************
4438 Return the max print jobs per queue.
4439 ********************************************************************/
4441 int lp_maxprintjobs(int snum)
4443 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4444 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4445 maxjobs = PRINT_MAX_JOBID - 1;
4450 const char *lp_printcapname(void)
4452 if ((Globals.szPrintcapname != NULL) &&
4453 (Globals.szPrintcapname[0] != '\0'))
4454 return Globals.szPrintcapname;
4456 if (sDefault.printing == PRINT_CUPS) {
4460 if (sDefault.printing == PRINT_BSD)
4461 return "/etc/printcap";
4463 return PRINTCAP_NAME;
4466 static uint32 spoolss_state;
4468 bool lp_disable_spoolss( void )
4470 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4471 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4473 return spoolss_state == SVCCTL_STOPPED ? true : false;
4476 void lp_set_spoolss_state( uint32 state )
4478 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4480 spoolss_state = state;
4483 uint32 lp_get_spoolss_state( void )
4485 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4488 /*******************************************************************
4489 Ensure we don't use sendfile if server smb signing is active.
4490 ********************************************************************/
4492 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4494 bool sign_active = false;
4496 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4497 if (get_Protocol() < PROTOCOL_NT1) {
4500 if (signing_state) {
4501 sign_active = smb_signing_is_active(signing_state);
4503 return (lp__use_sendfile(snum) &&
4504 (get_remote_arch() != RA_WIN95) &&
4508 /*******************************************************************
4509 Turn off sendfile if we find the underlying OS doesn't support it.
4510 ********************************************************************/
4512 void set_use_sendfile(int snum, bool val)
4514 if (LP_SNUM_OK(snum))
4515 ServicePtrs[snum]->_use_sendfile = val;
4517 sDefault._use_sendfile = val;
4520 /*******************************************************************
4521 Turn off storing DOS attributes if this share doesn't support it.
4522 ********************************************************************/
4524 void set_store_dos_attributes(int snum, bool val)
4526 if (!LP_SNUM_OK(snum))
4528 ServicePtrs[(snum)]->store_dos_attributes = val;
4531 void lp_set_mangling_method(const char *new_method)
4533 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4536 /*******************************************************************
4537 Global state for POSIX pathname processing.
4538 ********************************************************************/
4540 static bool posix_pathnames;
4542 bool lp_posix_pathnames(void)
4544 return posix_pathnames;
4547 /*******************************************************************
4548 Change everything needed to ensure POSIX pathname processing (currently
4550 ********************************************************************/
4552 void lp_set_posix_pathnames(void)
4554 posix_pathnames = true;
4557 /*******************************************************************
4558 Global state for POSIX lock processing - CIFS unix extensions.
4559 ********************************************************************/
4561 bool posix_default_lock_was_set;
4562 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4564 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4566 if (posix_default_lock_was_set) {
4567 return posix_cifsx_locktype;
4569 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4573 /*******************************************************************
4574 ********************************************************************/
4576 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4578 posix_default_lock_was_set = true;
4579 posix_cifsx_locktype = val;
4582 int lp_min_receive_file_size(void)
4584 if (Globals.iminreceivefile < 0) {
4587 return Globals.iminreceivefile;
4590 /*******************************************************************
4591 Safe wide links checks.
4592 This helper function always verify the validity of wide links,
4593 even after a configuration file reload.
4594 ********************************************************************/
4596 static bool lp_widelinks_internal(int snum)
4598 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4599 sDefault.bWidelinks);
4602 void widelinks_warning(int snum)
4604 if (lp_allow_insecure_wide_links()) {
4608 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4609 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4610 "These parameters are incompatible. "
4611 "Wide links will be disabled for this share.\n",
4612 lp_servicename(talloc_tos(), snum) ));
4616 bool lp_widelinks(int snum)
4618 /* wide links is always incompatible with unix extensions */
4619 if (lp_unix_extensions()) {
4621 * Unless we have "allow insecure widelinks"
4624 if (!lp_allow_insecure_wide_links()) {
4629 return lp_widelinks_internal(snum);
4632 int lp_server_role(void)
4634 return lp_find_server_role(lp__server_role(),
4636 lp__domain_logons(),
4637 lp_domain_master_true_or_auto());
4640 int lp_security(void)
4642 return lp_find_security(lp__server_role(),
4646 struct loadparm_global * get_globals(void)
git.samba.org / mat / samba.git / blob