char *szRemoteAnnounce;
char *szRemoteBrowseSync;
char *szSocketAddress;
+ bool bNmbdBindExplicitBroadcast;
char *szNISHomeMapName;
char *szAnnounceVersion; /* This is initialised in init_globals */
char *szWorkgroup;
int oplock_break_wait_time;
int winbind_cache_time;
int winbind_reconnect_delay;
- int winbind_max_idle_children;
+ int winbind_max_clients;
char **szWinbindNssInfo;
int iLockSpinTime;
char *szLdapMachineSuffix;
bool bClientNTLMv2Auth;
bool bClientPlaintextAuth;
bool bClientUseSpnego;
+ bool client_use_spnego_principal;
bool bDebugPrefixTimestamp;
bool bDebugHiresTimestamp;
bool bDebugPid;
True, /* bLevel2OpLocks */
False, /* bOnlyUser */
True, /* bMangledNames */
- True, /* bWidelinks */
+ false, /* bWidelinks */
True, /* bSymlinks */
False, /* bSyncAlways */
False, /* bStrictAllocate */
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "client use spnego principal",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.client_use_spnego_principal,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "username",
.type = P_STRING,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "nmbd bind explicit broadcast",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.bNmbdBindExplicitBroadcast,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "homedir map",
.type = P_STRING,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "winbind max clients",
+ .type = P_INTEGER,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.winbind_max_clients,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "winbind enum users",
.type = P_BOOL,
#endif
if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
- DEBUG(2,("max_open_files: sysctl_max (%d) below "
+ DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
"minimum Windows limit (%d)\n",
sysctl_max,
MIN_OPEN_FILES_WINDOWS));
}
if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
- DEBUG(2,("rlimit_max: rlimit_max (%d) below "
+ DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
"minimum Windows limit (%d)\n",
rlimit_max,
MIN_OPEN_FILES_WINDOWS));
string_set(&Globals.szCacheDir, get_dyn_CACHEDIR());
string_set(&Globals.szPidDir, get_dyn_PIDDIR());
string_set(&Globals.szSocketAddress, "0.0.0.0");
+ /*
+ * By default support explicit binding to broadcast
+ * addresses.
+ */
+ Globals.bNmbdBindExplicitBroadcast = true;
if (asprintf(&s, "Samba %s", samba_version_string()) < 0) {
smb_panic("init_globals: ENOMEM");
Globals.winbind_cache_time = 300; /* 5 minutes */
Globals.winbind_reconnect_delay = 30; /* 30 seconds */
+ Globals.winbind_max_clients = 200;
Globals.bWinbindEnumUsers = False;
Globals.bWinbindEnumGroups = False;
Globals.bWinbindUseDefaultDomain = False;
char fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
FN_GLOBAL_STRING(lp_smb_ports, &Globals.smb_ports)
-FN_GLOBAL_STRING(lp_dos_charset, &Globals.dos_charset)
-FN_GLOBAL_STRING(lp_unix_charset, &Globals.unix_charset)
-FN_GLOBAL_STRING(lp_display_charset, &Globals.display_charset)
+FN_GLOBAL_CONST_STRING(lp_dos_charset, &Globals.dos_charset)
+FN_GLOBAL_CONST_STRING(lp_unix_charset, &Globals.unix_charset)
+FN_GLOBAL_CONST_STRING(lp_display_charset, &Globals.display_charset)
FN_GLOBAL_STRING(lp_logfile, &Globals.szLogFile)
FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile)
FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
FN_GLOBAL_CONST_STRING(lp_logon_home, &Globals.szLogonHome)
FN_GLOBAL_STRING(lp_remote_announce, &Globals.szRemoteAnnounce)
FN_GLOBAL_STRING(lp_remote_browse_sync, &Globals.szRemoteBrowseSync)
+FN_GLOBAL_BOOL(lp_nmbd_bind_explicit_broadcast, &Globals.bNmbdBindExplicitBroadcast)
FN_GLOBAL_LIST(lp_wins_server_list, &Globals.szWINSservers)
FN_GLOBAL_LIST(lp_interfaces, &Globals.szInterfaces)
FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName)
FN_GLOBAL_BOOL(lp_unix_extensions, &Globals.bUnixExtensions)
FN_GLOBAL_BOOL(lp_use_spnego, &Globals.bUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego, &Globals.bClientUseSpnego)
+FN_GLOBAL_BOOL(lp_client_use_spnego_principal, &Globals.client_use_spnego_principal)
FN_GLOBAL_BOOL(lp_hostname_lookups, &Globals.bHostnameLookups)
FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)
FN_GLOBAL_STRING(lp_cups_server, &Globals.szCupsServer)
int lp_cups_encrypt(void)
{
+ int result = 0;
#ifdef HAVE_HTTPCONNECTENCRYPT
switch (Globals.CupsEncrypt) {
case Auto:
- Globals.CupsEncrypt = HTTP_ENCRYPT_REQUIRED;
+ result = HTTP_ENCRYPT_REQUIRED;
break;
case True:
- Globals.CupsEncrypt = HTTP_ENCRYPT_ALWAYS;
+ result = HTTP_ENCRYPT_ALWAYS;
break;
case False:
- Globals.CupsEncrypt = HTTP_ENCRYPT_NEVER;
+ result = HTTP_ENCRYPT_NEVER;
break;
}
#endif
- return Globals.CupsEncrypt;
+ return result;
}
FN_GLOBAL_STRING(lp_iprint_server, &Globals.szIPrintServer)
FN_GLOBAL_INTEGER(lp_cups_connection_timeout, &Globals.cups_connection_timeout)
FN_LOCAL_BOOL(lp_level2_oplocks, bLevel2OpLocks)
FN_LOCAL_BOOL(lp_onlyuser, bOnlyUser)
FN_LOCAL_PARM_BOOL(lp_manglednames, bMangledNames)
-FN_LOCAL_BOOL(lp_widelinks, bWidelinks)
FN_LOCAL_BOOL(lp_symlinks, bSymlinks)
FN_LOCAL_BOOL(lp_syncalways, bSyncAlways)
FN_LOCAL_BOOL(lp_strict_allocate, bStrictAllocate)
FN_LOCAL_CHAR(lp_magicchar, magic_char)
FN_GLOBAL_INTEGER(lp_winbind_cache_time, &Globals.winbind_cache_time)
FN_GLOBAL_INTEGER(lp_winbind_reconnect_delay, &Globals.winbind_reconnect_delay)
+FN_GLOBAL_INTEGER(lp_winbind_max_clients, &Globals.winbind_max_clients)
FN_GLOBAL_LIST(lp_winbind_nss_info, &Globals.szWinbindNssInfo)
FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, &Globals.AlgorithmicRidBase)
FN_GLOBAL_INTEGER(lp_name_cache_timeout, &Globals.name_cache_timeout)
return ret;
}
+/**
+ * reload those shares from registry that are already
+ * activated in the services array.
+ */
+static bool reload_registry_shares(void)
+{
+ int i;
+ bool ret = true;
+
+ for (i = 0; i < iNumServices; i++) {
+ if (!VALID(i)) {
+ continue;
+ }
+
+ if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
+ continue;
+ }
+
+ ret = process_registry_service(ServicePtrs[i]->szService);
+ if (!ret) {
+ goto done;
+ }
+ }
+
+done:
+ return ret;
+}
+
+
#define MAX_INCLUDE_DEPTH 100
static uint8_t include_depth;
bRetval = false;
}
- if (bRetval && lp_registry_shares() && allow_registry_shares) {
- bRetval = process_registry_shares();
+ if (bRetval && lp_registry_shares()) {
+ if (allow_registry_shares) {
+ bRetval = process_registry_shares();
+ } else {
+ bRetval = reload_registry_shares();
+ }
}
- lp_add_auto_services(lp_auto_services());
+ {
+ char *serv = lp_auto_services();
+ lp_add_auto_services(serv);
+ TALLOC_FREE(serv);
+ }
if (add_ipc) {
/* When 'restrict anonymous = 2' guest connections to ipc$
const char *sharename)
{
struct share_params *result;
- char *sname;
+ fstring sname;
int snum;
- if (!(sname = SMB_STRDUP(sharename))) {
- return NULL;
- }
-
- snum = find_service(sname);
- SAFE_FREE(sname);
+ snum = find_service(sharename, sname);
if (snum < 0) {
return NULL;
{
string_set(&Globals.szPassdbBackend, backend);
}
+
+/*******************************************************************
+ Safe wide links checks.
+ This helper function always verify the validity of wide links,
+ even after a configuration file reload.
+********************************************************************/
+
+static bool lp_widelinks_internal(int snum)
+{
+ return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
+ sDefault.bWidelinks);
+}
+
+void widelinks_warning(int snum)
+{
+ if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
+ DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
+ "These parameters are incompatible. "
+ "Wide links will be disabled for this share.\n",
+ lp_servicename(snum) ));
+ }
+}
+
+bool lp_widelinks(int snum)
+{
+ /* wide links is always incompatible with unix extensions */
+ if (lp_unix_extensions()) {
+ return false;
+ }
+
+ return lp_widelinks_internal(snum);
+}
git.samba.org / samba.git / blobdiff