s3:param: let lp_load_global_no_reinit() call lp_load() instead of lp_load_ex()
[Samba.git] / source3 / param / loadparm.c
blob4117872db8adb624332c63ef309e397e5d760b48
1 /*
2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
31 * Load parameters.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
37 * To add a parameter:
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
46 * Notes:
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
52 * careful!
56 #include "includes.h"
57 #include "system/filesys.h"
58 #include "util_tdb.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
61 #include "printing.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
65 #include "ads.h"
66 #include "../librpc/gen_ndr/svcctl.h"
67 #include "intl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
74 #ifdef HAVE_SYS_SYSCTL_H
75 #include <sys/sysctl.h>
76 #endif
78 #ifdef HAVE_HTTPCONNECTENCRYPT
79 #include <cups/http.h>
80 #endif
82 bool bLoaded = false;
84 extern userdom_struct current_user_info;
86 /* the special value for the include parameter
87 * to be interpreted not as a file name but to
88 * trigger loading of the global smb.conf options
89 * from registry. */
90 #ifndef INCLUDE_REGISTRY_NAME
91 #define INCLUDE_REGISTRY_NAME "registry"
92 #endif
94 static bool in_client = false; /* Not in the client by default */
95 static struct smbconf_csn conf_last_csn;
97 static int config_backend = CONFIG_BACKEND_FILE;
99 /* some helpful bits */
100 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
101 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
115 .valid = true,
116 .autoloaded = false,
117 .usershare = 0,
118 .usershare_last_mod = {0, 0},
119 .szService = NULL,
120 .path = NULL,
121 .username = NULL,
122 .invalid_users = NULL,
123 .valid_users = NULL,
124 .admin_users = NULL,
125 .szCopy = NULL,
126 .szInclude = NULL,
127 .preexec = NULL,
128 .postexec = NULL,
129 .root_preexec = NULL,
130 .root_postexec = NULL,
131 .cups_options = NULL,
132 .print_command = NULL,
133 .lpq_command = NULL,
134 .lprm_command = NULL,
135 .lppause_command = NULL,
136 .lpresume_command = NULL,
137 .queuepause_command = NULL,
138 .queueresume_command = NULL,
139 ._printername = NULL,
140 .printjob_username = NULL,
141 .dont_descend = NULL,
142 .hosts_allow = NULL,
143 .hosts_deny = NULL,
144 .magic_script = NULL,
145 .magic_output = NULL,
146 .veto_files = NULL,
147 .hide_files = NULL,
148 .veto_oplock_files = NULL,
149 .comment = NULL,
150 .force_user = NULL,
151 .force_group = NULL,
152 .read_list = NULL,
153 .write_list = NULL,
154 .volume = NULL,
155 .fstype = NULL,
156 .vfs_objects = NULL,
157 .msdfs_proxy = NULL,
158 .aio_write_behind = NULL,
159 .dfree_command = NULL,
160 .min_print_space = 0,
161 .iMaxPrintJobs = 1000,
162 .max_reported_print_jobs = 0,
163 .write_cache_size = 0,
164 .create_mask = 0744,
165 .force_create_mode = 0,
166 .directory_mask = 0755,
167 .force_directory_mode = 0,
168 .max_connections = 0,
169 .default_case = CASE_LOWER,
170 .printing = DEFAULT_PRINTING,
171 .oplock_contention_limit = 2,
172 .csc_policy = 0,
173 .block_size = 1024,
174 .dfree_cache_time = 0,
175 .preexec_close = false,
176 .root_preexec_close = false,
177 .case_sensitive = Auto,
178 .preserve_case = true,
179 .short_preserve_case = true,
180 .hide_dot_files = true,
181 .hide_special_files = false,
182 .hide_unreadable = false,
183 .hide_unwriteable_files = false,
184 .browseable = true,
185 .access_based_share_enum = false,
186 .bAvailable = true,
187 .read_only = true,
188 .guest_only = false,
189 .administrative_share = false,
190 .guest_ok = false,
191 .printable = false,
192 .print_notify_backchannel = false,
193 .map_system = false,
194 .map_hidden = false,
195 .map_archive = true,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
198 .locking = true,
199 .strict_locking = Auto,
200 .posix_locking = true,
201 .oplocks = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .only_user = false,
205 .mangled_names = true,
206 .bWidelinks = false,
207 .follow_symlinks = true,
208 .sync_always = false,
209 .strict_allocate = false,
210 .strict_rename = false,
211 .strict_sync = false,
212 .mangling_char = '~',
213 .copymap = NULL,
214 .delete_readonly = false,
215 .fake_oplocks = false,
216 .delete_veto_files = false,
217 .dos_filemode = false,
218 .dos_filetimes = true,
219 .dos_filetime_resolution = false,
220 .fake_directory_create_times = false,
221 .blocking_locks = true,
222 .inherit_permissions = false,
223 .inherit_acls = false,
224 .inherit_owner = false,
225 .msdfs_root = false,
226 .msdfs_shuffle_referrals = false,
227 .use_client_driver = false,
228 .default_devmode = true,
229 .force_printername = false,
230 .nt_acl_support = true,
231 .force_unknown_acl_user = false,
232 ._use_sendfile = false,
233 .profile_acls = false,
234 .map_acl_inherit = false,
235 .afs_share = false,
236 .ea_support = false,
237 .acl_check_permissions = true,
238 .acl_map_full_control = true,
239 .acl_group_control = false,
240 .acl_allow_execute_always = false,
241 .change_notify = true,
242 .kernel_change_notify = true,
243 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
244 .aio_read_size = 0,
245 .aio_write_size = 0,
246 .map_readonly = MAP_READONLY_YES,
247 .directory_name_cache_size = 100,
248 .smb_encrypt = SMB_SIGNING_DEFAULT,
249 .kernel_share_modes = true,
250 .durable_handles = true,
251 .param_opt = NULL,
252 .dummy = ""
255 /* local variables */
256 static struct loadparm_service **ServicePtrs = NULL;
257 static int iNumServices = 0;
258 static int iServiceIndex = 0;
259 static struct db_context *ServiceHash;
260 static bool bInGlobalSection = true;
261 static bool bGlobalOnly = false;
262 static struct file_lists *file_lists = NULL;
263 static unsigned int *flags_list = NULL;
265 static void set_allowed_client_auth(void);
267 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
268 static void free_param_opts(struct parmlist_entry **popts);
270 /* this is used to prevent lots of mallocs of size 1 */
271 static const char null_string[] = "";
274 Free a string value.
277 static void string_free(char **s)
279 if (!s || !(*s))
280 return;
281 if (*s == null_string)
282 *s = NULL;
283 TALLOC_FREE(*s);
287 Set a string value, deallocating any existing space, and allocing the space
288 for the string
291 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
293 string_free(dest);
295 if (!src) {
296 src = "";
299 (*dest) = talloc_strdup(mem_ctx, src);
300 if ((*dest) == NULL) {
301 DEBUG(0,("Out of memory in string_init\n"));
302 return false;
305 return true;
309 * Function to return the default value for the maximum number of open
310 * file descriptors permitted. This function tries to consult the
311 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
312 * the smaller of those.
314 static int max_open_files(void)
316 int sysctl_max = MAX_OPEN_FILES;
317 int rlimit_max = MAX_OPEN_FILES;
319 #ifdef HAVE_SYSCTLBYNAME
321 size_t size = sizeof(sysctl_max);
322 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
325 #endif
327 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
329 struct rlimit rl;
331 ZERO_STRUCT(rl);
333 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
334 rlimit_max = rl.rlim_cur;
336 #if defined(RLIM_INFINITY)
337 if(rl.rlim_cur == RLIM_INFINITY)
338 rlimit_max = MAX_OPEN_FILES;
339 #endif
341 #endif
343 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
344 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
345 "minimum Windows limit (%d)\n",
346 sysctl_max,
347 MIN_OPEN_FILES_WINDOWS));
348 sysctl_max = MIN_OPEN_FILES_WINDOWS;
351 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
352 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
353 "minimum Windows limit (%d)\n",
354 rlimit_max,
355 MIN_OPEN_FILES_WINDOWS));
356 rlimit_max = MIN_OPEN_FILES_WINDOWS;
359 return MIN(sysctl_max, rlimit_max);
363 * Common part of freeing allocated data for one parameter.
365 static void free_one_parameter_common(void *parm_ptr,
366 struct parm_struct parm)
368 if ((parm.type == P_STRING) ||
369 (parm.type == P_USTRING))
371 string_free((char**)parm_ptr);
372 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
373 TALLOC_FREE(*((char***)parm_ptr));
378 * Free the allocated data for one parameter for a share
379 * given as a service struct.
381 static void free_one_parameter(struct loadparm_service *service,
382 struct parm_struct parm)
384 void *parm_ptr;
386 if (parm.p_class != P_LOCAL) {
387 return;
390 parm_ptr = lp_parm_ptr(service, &parm);
392 free_one_parameter_common(parm_ptr, parm);
396 * Free the allocated parameter data of a share given
397 * as a service struct.
399 static void free_parameters(struct loadparm_service *service)
401 uint32_t i;
403 for (i=0; parm_table[i].label; i++) {
404 free_one_parameter(service, parm_table[i]);
409 * Free the allocated data for one parameter for a given share
410 * specified by an snum.
412 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
414 void *parm_ptr;
416 if (snum < 0) {
417 parm_ptr = lp_parm_ptr(NULL, &parm);
418 } else if (parm.p_class != P_LOCAL) {
419 return;
420 } else {
421 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
424 free_one_parameter_common(parm_ptr, parm);
428 * Free the allocated parameter data for a share specified
429 * by an snum.
431 static void free_parameters_by_snum(int snum)
433 uint32_t i;
435 for (i=0; parm_table[i].label; i++) {
436 free_one_parameter_by_snum(snum, parm_table[i]);
441 * Free the allocated global parameters.
443 static void free_global_parameters(void)
445 free_param_opts(&Globals.param_opt);
446 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
447 TALLOC_FREE(Globals.ctx);
450 struct lp_stored_option {
451 struct lp_stored_option *prev, *next;
452 const char *label;
453 const char *value;
456 static struct lp_stored_option *stored_options;
459 save options set by lp_set_cmdline() into a list. This list is
460 re-applied when we do a globals reset, so that cmdline set options
461 are sticky across reloads of smb.conf
463 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
465 struct lp_stored_option *entry, *entry_next;
466 for (entry = stored_options; entry != NULL; entry = entry_next) {
467 entry_next = entry->next;
468 if (strcmp(pszParmName, entry->label) == 0) {
469 DLIST_REMOVE(stored_options, entry);
470 talloc_free(entry);
471 break;
475 entry = talloc(NULL, struct lp_stored_option);
476 if (!entry) {
477 return false;
480 entry->label = talloc_strdup(entry, pszParmName);
481 if (!entry->label) {
482 talloc_free(entry);
483 return false;
486 entry->value = talloc_strdup(entry, pszParmValue);
487 if (!entry->value) {
488 talloc_free(entry);
489 return false;
492 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
494 return true;
497 static bool apply_lp_set_cmdline(void)
499 struct lp_stored_option *entry = NULL;
500 for (entry = stored_options; entry != NULL; entry = entry->next) {
501 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
502 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
503 entry->label, entry->value));
504 return false;
507 return true;
510 /***************************************************************************
511 Initialise the global parameter structure.
512 ***************************************************************************/
514 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
516 static bool done_init = false;
517 char *s = NULL;
518 int i;
520 /* If requested to initialize only once and we've already done it... */
521 if (!reinit_globals && done_init) {
522 /* ... then we have nothing more to do */
523 return;
526 if (!done_init) {
527 /* The logfile can be set before this is invoked. Free it if so. */
528 if (Globals.logfile != NULL) {
529 string_free(&Globals.logfile);
530 Globals.logfile = NULL;
532 done_init = true;
533 } else {
534 free_global_parameters();
537 /* This memset and the free_global_parameters() above will
538 * wipe out smb.conf options set with lp_set_cmdline(). The
539 * apply_lp_set_cmdline() call puts these values back in the
540 * table once the defaults are set */
541 ZERO_STRUCT(Globals);
543 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
545 /* Initialize the flags list if necessary */
546 if (flags_list == NULL) {
547 get_flags();
550 for (i = 0; parm_table[i].label; i++) {
551 if ((parm_table[i].type == P_STRING ||
552 parm_table[i].type == P_USTRING))
554 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
559 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
560 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
562 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
564 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
566 DEBUG(3, ("Initialising global parameters\n"));
568 /* Must manually force to upper case here, as this does not go via the handler */
569 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
571 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
572 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
574 /* use the new 'hash2' method by default, with a prefix of 1 */
575 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
576 Globals.mangle_prefix = 1;
578 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
580 /* using UTF8 by default allows us to support all chars */
581 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
583 /* Use codepage 850 as a default for the dos character set */
584 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
587 * Allow the default PASSWD_CHAT to be overridden in local.h.
589 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
591 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
593 string_set(Globals.ctx, &Globals.passwd_program, "");
594 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
595 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
596 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
597 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
598 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
600 * By default support explicit binding to broadcast
601 * addresses.
603 Globals.nmbd_bind_explicit_broadcast = true;
605 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
606 if (s == NULL) {
607 smb_panic("init_globals: ENOMEM");
609 string_set(Globals.ctx, &Globals.server_string, s);
610 TALLOC_FREE(s);
611 #ifdef DEVELOPER
612 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
613 #endif
615 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
617 string_set(Globals.ctx, &Globals.logon_drive, "");
618 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
619 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
620 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
622 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
623 string_set(Globals.ctx, &Globals.password_server, "*");
625 Globals.algorithmic_rid_base = BASE_RID;
627 Globals.load_printers = true;
628 Globals.printcap_cache_time = 750; /* 12.5 minutes */
630 Globals.config_backend = config_backend;
631 Globals._server_role = ROLE_AUTO;
633 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
634 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
635 Globals.max_xmit = 0x4104;
636 Globals.max_mux = 50; /* This is *needed* for profile support. */
637 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
638 Globals._disable_spoolss = false;
639 Globals.max_smbd_processes = 0;/* no limit specified */
640 Globals.username_level = 0;
641 Globals.deadtime = 0;
642 Globals.getwd_cache = true;
643 Globals.large_readwrite = true;
644 Globals.max_log_size = 5000;
645 Globals.max_open_files = max_open_files();
646 Globals.server_max_protocol = PROTOCOL_SMB3_00;
647 Globals.server_min_protocol = PROTOCOL_LANMAN1;
648 Globals._client_max_protocol = PROTOCOL_DEFAULT;
649 Globals.client_min_protocol = PROTOCOL_CORE;
650 Globals._security = SEC_AUTO;
651 Globals.encrypt_passwords = true;
652 Globals.client_schannel = Auto;
653 Globals.winbind_sealed_pipes = true;
654 Globals.require_strong_key = true;
655 Globals.server_schannel = Auto;
656 Globals.read_raw = true;
657 Globals.write_raw = true;
658 Globals.null_passwords = false;
659 Globals.old_password_allowed_period = 60;
660 Globals.obey_pam_restrictions = false;
661 Globals.syslog = 1;
662 Globals.syslog_only = false;
663 Globals.timestamp_logs = true;
664 string_set(Globals.ctx, &Globals.log_level, "0");
665 Globals.debug_prefix_timestamp = false;
666 Globals.debug_hires_timestamp = true;
667 Globals.debug_pid = false;
668 Globals.debug_uid = false;
669 Globals.debug_class = false;
670 Globals.enable_core_files = true;
671 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
672 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
673 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
674 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
675 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
676 Globals.lm_interval = 60;
677 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
678 Globals.nis_homedir = false;
679 #ifdef WITH_NISPLUS_HOME
680 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
681 #else
682 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
683 #endif
684 #endif
685 Globals.time_server = false;
686 Globals.bind_interfaces_only = false;
687 Globals.unix_password_sync = false;
688 Globals.pam_password_change = false;
689 Globals.passwd_chat_debug = false;
690 Globals.passwd_chat_timeout = 2; /* 2 second default. */
691 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
692 Globals.nt_status_support = true; /* Use NT status by default. */
693 Globals.smbd_profiling_level = 0;
694 Globals.stat_cache = true; /* use stat cache by default */
695 Globals.max_stat_cache_size = 256; /* 256k by default */
696 Globals.restrict_anonymous = 0;
697 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
698 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
699 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
700 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
701 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
702 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
704 Globals.map_to_guest = 0; /* By Default, "Never" */
705 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
706 Globals.enhanced_browsing = true;
707 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
708 #ifdef MMAP_BLACKLIST
709 Globals.use_mmap = false;
710 #else
711 Globals.use_mmap = true;
712 #endif
713 Globals.unicode = true;
714 Globals.unix_extensions = true;
715 Globals.reset_on_zero_vc = false;
716 Globals.log_writeable_files_on_exit = false;
717 Globals.create_krb5_conf = true;
718 Globals.winbindMaxDomainConnections = 1;
720 /* hostname lookups can be very expensive and are broken on
721 a large number of sites (tridge) */
722 Globals.hostname_lookups = false;
724 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
725 string_set(Globals.ctx, &Globals.ldap_suffix, "");
726 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
727 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
728 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
729 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
731 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
732 Globals.ldap_ssl = LDAP_SSL_START_TLS;
733 Globals.ldap_ssl_ads = false;
734 Globals.ldap_deref = -1;
735 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
736 Globals.ldap_delete_dn = false;
737 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
738 Globals.ldap_follow_referral = Auto;
739 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
740 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
741 Globals.ldap_page_size = LDAP_PAGE_SIZE;
743 Globals.ldap_debug_level = 0;
744 Globals.ldap_debug_threshold = 10;
746 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
748 /* This is what we tell the afs client. in reality we set the token
749 * to never expire, though, when this runs out the afs client will
750 * forget the token. Set to 0 to get NEVERDATE.*/
751 Globals.afs_token_lifetime = 604800;
752 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
754 /* these parameters are set to defaults that are more appropriate
755 for the increasing samba install base:
757 as a member of the workgroup, that will possibly become a
758 _local_ master browser (lm = true). this is opposed to a forced
759 local master browser startup (pm = true).
761 doesn't provide WINS server service by default (wsupp = false),
762 and doesn't provide domain master browser services by default, either.
766 Globals.show_add_printer_wizard = true;
767 Globals.os_level = 20;
768 Globals.local_master = true;
769 Globals._domain_master = Auto; /* depending on _domain_logons */
770 Globals._domain_logons = false;
771 Globals.browse_list = true;
772 Globals.we_are_a_wins_server = false;
773 Globals.wins_proxy = false;
775 TALLOC_FREE(Globals.init_logon_delayed_hosts);
776 Globals.init_logon_delay = 100; /* 100 ms default delay */
778 Globals.wins_dns_proxy = true;
780 Globals.allow_trusted_domains = true;
781 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
783 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
784 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
785 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
786 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
788 string_set(Globals.ctx, &Globals.cups_server, "");
789 string_set(Globals.ctx, &Globals.iprint_server, "");
791 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
793 Globals.cluster_addresses = NULL;
794 Globals.clustering = false;
795 Globals.ctdb_timeout = 0;
796 Globals.ctdb_locktime_warn_threshold = 0;
798 Globals.winbind_cache_time = 300; /* 5 minutes */
799 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
800 Globals.winbind_request_timeout = 60; /* 60 seconds */
801 Globals.winbind_max_clients = 200;
802 Globals.winbind_enum_users = false;
803 Globals.winbind_enum_groups = false;
804 Globals.winbind_use_default_domain = false;
805 Globals.winbind_trusted_domains_only = false;
806 Globals.winbind_nested_groups = true;
807 Globals.winbind_expand_groups = 0;
808 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
809 Globals.winbind_refresh_tickets = false;
810 Globals.winbind_offline_logon = false;
812 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
813 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
815 Globals.passdb_expand_explicit = false;
817 Globals.name_cache_timeout = 660; /* In seconds */
819 Globals.use_spnego = true;
820 Globals.client_use_spnego = true;
822 Globals.client_signing = SMB_SIGNING_DEFAULT;
823 Globals.server_signing = SMB_SIGNING_DEFAULT;
825 Globals.defer_sharing_violations = true;
826 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
828 Globals.enable_privileges = true;
829 Globals.host_msdfs = true;
830 Globals.enable_asu_support = false;
832 /* User defined shares. */
833 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
834 if (s == NULL) {
835 smb_panic("init_globals: ENOMEM");
837 string_set(Globals.ctx, &Globals.usershare_path, s);
838 TALLOC_FREE(s);
839 string_set(Globals.ctx, &Globals.usershare_template_share, "");
840 Globals.usershare_max_shares = 0;
841 /* By default disallow sharing of directories not owned by the sharer. */
842 Globals.usershare_owner_only = true;
843 /* By default disallow guest access to usershares. */
844 Globals.usershare_allow_guests = false;
846 Globals.keepalive = DEFAULT_KEEPALIVE;
848 /* By default no shares out of the registry */
849 Globals.registry_shares = false;
851 Globals.iminreceivefile = 0;
853 Globals.map_untrusted_to_domain = false;
854 Globals.multicast_dns_register = true;
856 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
857 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
858 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
859 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
860 Globals.smb2_leases = false;
862 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
864 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
866 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
868 Globals.tls_enabled = true;
870 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
871 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
872 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
874 string_set(Globals.ctx, &Globals.share_backend, "classic");
876 Globals.iPreferredMaster = Auto;
878 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
880 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
882 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
884 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
885 if (s == NULL) {
886 smb_panic("init_globals: ENOMEM");
888 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
889 TALLOC_FREE(s);
891 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
892 if (s == NULL) {
893 smb_panic("init_globals: ENOMEM");
895 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
896 TALLOC_FREE(s);
898 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
899 if (s == NULL) {
900 smb_panic("init_globals: ENOMEM");
902 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
903 TALLOC_FREE(s);
905 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
907 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
909 Globals.cldap_port = 389;
911 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
913 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
915 Globals.krb5_port = 88;
917 Globals.kpasswd_port = 464;
919 Globals.web_port = 901;
921 /* Now put back the settings that were set with lp_set_cmdline() */
922 apply_lp_set_cmdline();
925 /* Convenience routine to setup an lp_context with additional s3 variables */
926 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
928 struct loadparm_context *lp_ctx;
930 lp_ctx = loadparm_init_s3(mem_ctx,
931 loadparm_s3_helpers());
932 if (lp_ctx == NULL) {
933 DEBUG(0, ("loadparm_init_s3 failed\n"));
934 return NULL;
937 lp_ctx->sDefault = &sDefault;
938 lp_ctx->services = NULL; /* We do not want to access this directly */
939 lp_ctx->bInGlobalSection = bInGlobalSection;
940 lp_ctx->flags = flags_list;
942 return lp_ctx;
945 /*******************************************************************
946 Convenience routine to grab string parameters into talloced memory
947 and run standard_sub_basic on them. The buffers can be written to by
948 callers without affecting the source string.
949 ********************************************************************/
951 char *lp_string(TALLOC_CTX *ctx, const char *s)
953 char *ret;
955 /* The follow debug is useful for tracking down memory problems
956 especially if you have an inner loop that is calling a lp_*()
957 function that returns a string. Perhaps this debug should be
958 present all the time? */
960 #if 0
961 DEBUG(10, ("lp_string(%s)\n", s));
962 #endif
963 if (!s) {
964 return NULL;
967 ret = talloc_sub_basic(ctx,
968 get_current_username(),
969 current_user_info.domain,
971 if (trim_char(ret, '\"', '\"')) {
972 if (strchr(ret,'\"') != NULL) {
973 TALLOC_FREE(ret);
974 ret = talloc_sub_basic(ctx,
975 get_current_username(),
976 current_user_info.domain,
980 return ret;
984 In this section all the functions that are used to access the
985 parameters from the rest of the program are defined
988 #define FN_GLOBAL_STRING(fn_name,ptr) \
989 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
990 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
991 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
992 #define FN_GLOBAL_LIST(fn_name,ptr) \
993 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
994 #define FN_GLOBAL_BOOL(fn_name,ptr) \
995 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
996 #define FN_GLOBAL_CHAR(fn_name,ptr) \
997 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
998 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
999 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1001 #define FN_LOCAL_STRING(fn_name,val) \
1002 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1003 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1004 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1005 #define FN_LOCAL_LIST(fn_name,val) \
1006 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1007 #define FN_LOCAL_BOOL(fn_name,val) \
1008 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1009 #define FN_LOCAL_INTEGER(fn_name,val) \
1010 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1012 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1013 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1014 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1015 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1016 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1017 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1019 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1020 winbindMaxDomainConnections)
1022 int lp_winbind_max_domain_connections(void)
1024 if (lp_winbind_offline_logon() &&
1025 lp_winbind_max_domain_connections_int() > 1) {
1026 DEBUG(1, ("offline logons active, restricting max domain "
1027 "connections to 1\n"));
1028 return 1;
1030 return MAX(1, lp_winbind_max_domain_connections_int());
1033 int lp_smb2_max_credits(void)
1035 if (Globals.ismb2_max_credits == 0) {
1036 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1038 return Globals.ismb2_max_credits;
1040 int lp_cups_encrypt(void)
1042 int result = 0;
1043 #ifdef HAVE_HTTPCONNECTENCRYPT
1044 switch (Globals.CupsEncrypt) {
1045 case Auto:
1046 result = HTTP_ENCRYPT_REQUIRED;
1047 break;
1048 case true:
1049 result = HTTP_ENCRYPT_ALWAYS;
1050 break;
1051 case false:
1052 result = HTTP_ENCRYPT_NEVER;
1053 break;
1055 #endif
1056 return result;
1059 /* These functions remain in source3/param for now */
1061 #include "lib/param/param_functions.c"
1063 FN_LOCAL_STRING(servicename, szService)
1064 FN_LOCAL_CONST_STRING(const_servicename, szService)
1066 /* These functions cannot be auto-generated */
1067 FN_LOCAL_BOOL(autoloaded, autoloaded)
1068 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1070 /* local prototypes */
1072 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1073 static const char *get_boolean(bool bool_value);
1074 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1075 void *userdata);
1076 static bool hash_a_service(const char *name, int number);
1077 static void free_service_byindex(int iService);
1078 static void show_parameter(int parmIndex);
1079 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1082 * This is a helper function for parametrical options support. It returns a
1083 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1084 * parametrical functions are quite simple
1086 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1087 const char *option)
1089 if (snum >= iNumServices) return NULL;
1091 if (snum < 0) {
1092 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1093 } else {
1094 return get_parametric_helper(ServicePtrs[snum],
1095 type, option, Globals.param_opt);
1100 #define MISSING_PARAMETER(name) \
1101 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1103 /*******************************************************************
1104 convenience routine to return enum parameters.
1105 ********************************************************************/
1106 static int lp_enum(const char *s,const struct enum_list *_enum)
1108 int i;
1110 if (!s || !*s || !_enum) {
1111 MISSING_PARAMETER(lp_enum);
1112 return (-1);
1115 for (i=0; _enum[i].name; i++) {
1116 if (strequal(_enum[i].name,s))
1117 return _enum[i].value;
1120 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1121 return (-1);
1124 #undef MISSING_PARAMETER
1126 /* Return parametric option from a given service. Type is a part of option before ':' */
1127 /* Parametric option has following syntax: 'Type: option = value' */
1128 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1130 struct parmlist_entry *data = get_parametrics(snum, type, option);
1132 if (data == NULL||data->value==NULL) {
1133 if (def) {
1134 return lp_string(ctx, def);
1135 } else {
1136 return NULL;
1140 return lp_string(ctx, data->value);
1143 /* Return parametric option from a given service. Type is a part of option before ':' */
1144 /* Parametric option has following syntax: 'Type: option = value' */
1145 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1147 struct parmlist_entry *data = get_parametrics(snum, type, option);
1149 if (data == NULL||data->value==NULL)
1150 return def;
1152 return data->value;
1156 /* Return parametric option from a given service. Type is a part of option before ':' */
1157 /* Parametric option has following syntax: 'Type: option = value' */
1159 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1161 struct parmlist_entry *data = get_parametrics(snum, type, option);
1163 if (data == NULL||data->value==NULL)
1164 return (const char **)def;
1166 if (data->list==NULL) {
1167 data->list = str_list_make_v3(NULL, data->value, NULL);
1170 return discard_const_p(const char *, data->list);
1173 /* Return parametric option from a given service. Type is a part of option before ':' */
1174 /* Parametric option has following syntax: 'Type: option = value' */
1176 int lp_parm_int(int snum, const char *type, const char *option, int def)
1178 struct parmlist_entry *data = get_parametrics(snum, type, option);
1180 if (data && data->value && *data->value)
1181 return lp_int(data->value);
1183 return def;
1186 /* Return parametric option from a given service. Type is a part of option before ':' */
1187 /* Parametric option has following syntax: 'Type: option = value' */
1189 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1191 struct parmlist_entry *data = get_parametrics(snum, type, option);
1193 if (data && data->value && *data->value)
1194 return lp_ulong(data->value);
1196 return def;
1199 /* Return parametric option from a given service. Type is a part of option before ':' */
1200 /* Parametric option has following syntax: 'Type: option = value' */
1202 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1204 struct parmlist_entry *data = get_parametrics(snum, type, option);
1206 if (data && data->value && *data->value)
1207 return lp_bool(data->value);
1209 return def;
1212 /* Return parametric option from a given service. Type is a part of option before ':' */
1213 /* Parametric option has following syntax: 'Type: option = value' */
1215 int lp_parm_enum(int snum, const char *type, const char *option,
1216 const struct enum_list *_enum, int def)
1218 struct parmlist_entry *data = get_parametrics(snum, type, option);
1220 if (data && data->value && *data->value && _enum)
1221 return lp_enum(data->value, _enum);
1223 return def;
1227 * free a param_opts structure.
1228 * param_opts handling should be moved to talloc;
1229 * then this whole functions reduces to a TALLOC_FREE().
1232 static void free_param_opts(struct parmlist_entry **popts)
1234 struct parmlist_entry *opt, *next_opt;
1236 if (*popts != NULL) {
1237 DEBUG(5, ("Freeing parametrics:\n"));
1239 opt = *popts;
1240 while (opt != NULL) {
1241 string_free(&opt->key);
1242 string_free(&opt->value);
1243 TALLOC_FREE(opt->list);
1244 next_opt = opt->next;
1245 TALLOC_FREE(opt);
1246 opt = next_opt;
1248 *popts = NULL;
1251 /***************************************************************************
1252 Free the dynamically allocated parts of a service struct.
1253 ***************************************************************************/
1255 static void free_service(struct loadparm_service *pservice)
1257 if (!pservice)
1258 return;
1260 if (pservice->szService)
1261 DEBUG(5, ("free_service: Freeing service %s\n",
1262 pservice->szService));
1264 free_parameters(pservice);
1266 string_free(&pservice->szService);
1267 TALLOC_FREE(pservice->copymap);
1269 free_param_opts(&pservice->param_opt);
1271 ZERO_STRUCTP(pservice);
1275 /***************************************************************************
1276 remove a service indexed in the ServicePtrs array from the ServiceHash
1277 and free the dynamically allocated parts
1278 ***************************************************************************/
1280 static void free_service_byindex(int idx)
1282 if ( !LP_SNUM_OK(idx) )
1283 return;
1285 ServicePtrs[idx]->valid = false;
1287 /* we have to cleanup the hash record */
1289 if (ServicePtrs[idx]->szService) {
1290 char *canon_name = canonicalize_servicename(
1291 talloc_tos(),
1292 ServicePtrs[idx]->szService );
1294 dbwrap_delete_bystring(ServiceHash, canon_name );
1295 TALLOC_FREE(canon_name);
1298 free_service(ServicePtrs[idx]);
1299 talloc_free_children(ServicePtrs[idx]);
1302 /***************************************************************************
1303 Add a new service to the services array initialising it with the given
1304 service.
1305 ***************************************************************************/
1307 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1309 int i;
1310 int num_to_alloc = iNumServices + 1;
1311 struct loadparm_service **tsp = NULL;
1313 /* it might already exist */
1314 if (name) {
1315 i = getservicebyname(name, NULL);
1316 if (i >= 0) {
1317 return (i);
1321 /* if not, then create one */
1322 i = iNumServices;
1323 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1324 if (tsp == NULL) {
1325 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1326 return (-1);
1328 ServicePtrs = tsp;
1329 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1330 if (!ServicePtrs[iNumServices]) {
1331 DEBUG(0,("add_a_service: out of memory!\n"));
1332 return (-1);
1334 iNumServices++;
1336 ServicePtrs[i]->valid = true;
1338 copy_service(ServicePtrs[i], pservice, NULL);
1339 if (name)
1340 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1342 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1343 i, ServicePtrs[i]->szService));
1345 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1346 return (-1);
1349 return (i);
1352 /***************************************************************************
1353 Convert a string to uppercase and remove whitespaces.
1354 ***************************************************************************/
1356 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1358 char *result;
1360 if ( !src ) {
1361 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1362 return NULL;
1365 result = talloc_strdup(ctx, src);
1366 SMB_ASSERT(result != NULL);
1368 if (!strlower_m(result)) {
1369 TALLOC_FREE(result);
1370 return NULL;
1372 return result;
1375 /***************************************************************************
1376 Add a name/index pair for the services array to the hash table.
1377 ***************************************************************************/
1379 static bool hash_a_service(const char *name, int idx)
1381 char *canon_name;
1383 if ( !ServiceHash ) {
1384 DEBUG(10,("hash_a_service: creating servicehash\n"));
1385 ServiceHash = db_open_rbt(NULL);
1386 if ( !ServiceHash ) {
1387 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1388 return false;
1392 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1393 idx, name));
1395 canon_name = canonicalize_servicename(talloc_tos(), name );
1397 dbwrap_store_bystring(ServiceHash, canon_name,
1398 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1399 TDB_REPLACE);
1401 TALLOC_FREE(canon_name);
1403 return true;
1406 /***************************************************************************
1407 Add a new home service, with the specified home directory, defaults coming
1408 from service ifrom.
1409 ***************************************************************************/
1411 bool lp_add_home(const char *pszHomename, int iDefaultService,
1412 const char *user, const char *pszHomedir)
1414 int i;
1416 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1417 pszHomedir[0] == '\0') {
1418 return false;
1421 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1423 if (i < 0)
1424 return false;
1426 if (!(*(ServicePtrs[iDefaultService]->path))
1427 || strequal(ServicePtrs[iDefaultService]->path,
1428 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1429 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1432 if (!(*(ServicePtrs[i]->comment))) {
1433 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1434 if (comment == NULL) {
1435 return false;
1437 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1438 TALLOC_FREE(comment);
1441 /* set the browseable flag from the global default */
1443 ServicePtrs[i]->browseable = sDefault.browseable;
1444 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1446 ServicePtrs[i]->autoloaded = true;
1448 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1449 user, ServicePtrs[i]->path ));
1451 return true;
1454 /***************************************************************************
1455 Add a new service, based on an old one.
1456 ***************************************************************************/
1458 int lp_add_service(const char *pszService, int iDefaultService)
1460 if (iDefaultService < 0) {
1461 return add_a_service(&sDefault, pszService);
1464 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1467 /***************************************************************************
1468 Add the IPC service.
1469 ***************************************************************************/
1471 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1473 char *comment = NULL;
1474 int i = add_a_service(&sDefault, ipc_name);
1476 if (i < 0)
1477 return false;
1479 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1480 Globals.server_string);
1481 if (comment == NULL) {
1482 return false;
1485 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1486 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1487 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1488 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1489 ServicePtrs[i]->max_connections = 0;
1490 ServicePtrs[i]->bAvailable = true;
1491 ServicePtrs[i]->read_only = true;
1492 ServicePtrs[i]->guest_only = false;
1493 ServicePtrs[i]->administrative_share = true;
1494 ServicePtrs[i]->guest_ok = guest_ok;
1495 ServicePtrs[i]->printable = false;
1496 ServicePtrs[i]->browseable = sDefault.browseable;
1498 DEBUG(3, ("adding IPC service\n"));
1500 TALLOC_FREE(comment);
1501 return true;
1504 /***************************************************************************
1505 Add a new printer service, with defaults coming from service iFrom.
1506 ***************************************************************************/
1508 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1510 const char *comment = "From Printcap";
1511 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1513 if (i < 0)
1514 return false;
1516 /* note that we do NOT default the availability flag to true - */
1517 /* we take it from the default service passed. This allows all */
1518 /* dynamic printers to be disabled by disabling the [printers] */
1519 /* entry (if/when the 'available' keyword is implemented!). */
1521 /* the printer name is set to the service name. */
1522 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1523 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1525 /* set the browseable flag from the gloabl default */
1526 ServicePtrs[i]->browseable = sDefault.browseable;
1528 /* Printers cannot be read_only. */
1529 ServicePtrs[i]->read_only = false;
1530 /* No oplocks on printer services. */
1531 ServicePtrs[i]->oplocks = false;
1532 /* Printer services must be printable. */
1533 ServicePtrs[i]->printable = true;
1535 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1537 return true;
1541 /***************************************************************************
1542 Check whether the given parameter name is valid.
1543 Parametric options (names containing a colon) are considered valid.
1544 ***************************************************************************/
1546 bool lp_parameter_is_valid(const char *pszParmName)
1548 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1549 (strchr(pszParmName, ':') != NULL));
1552 /***************************************************************************
1553 Check whether the given name is the name of a global parameter.
1554 Returns true for strings belonging to parameters of class
1555 P_GLOBAL, false for all other strings, also for parametric options
1556 and strings not belonging to any option.
1557 ***************************************************************************/
1559 bool lp_parameter_is_global(const char *pszParmName)
1561 int num = lpcfg_map_parameter(pszParmName);
1563 if (num >= 0) {
1564 return (parm_table[num].p_class == P_GLOBAL);
1567 return false;
1570 /**************************************************************************
1571 Check whether the given name is the canonical name of a parameter.
1572 Returns false if it is not a valid parameter Name.
1573 For parametric options, true is returned.
1574 **************************************************************************/
1576 bool lp_parameter_is_canonical(const char *parm_name)
1578 if (!lp_parameter_is_valid(parm_name)) {
1579 return false;
1582 return (lpcfg_map_parameter(parm_name) ==
1583 map_parameter_canonical(parm_name, NULL));
1586 /**************************************************************************
1587 Determine the canonical name for a parameter.
1588 Indicate when it is an inverse (boolean) synonym instead of a
1589 "usual" synonym.
1590 **************************************************************************/
1592 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1593 bool *inverse)
1595 int num;
1597 if (!lp_parameter_is_valid(parm_name)) {
1598 *canon_parm = NULL;
1599 return false;
1602 num = map_parameter_canonical(parm_name, inverse);
1603 if (num < 0) {
1604 /* parametric option */
1605 *canon_parm = parm_name;
1606 } else {
1607 *canon_parm = parm_table[num].label;
1610 return true;
1614 /**************************************************************************
1615 Determine the canonical name for a parameter.
1616 Turn the value given into the inverse boolean expression when
1617 the synonym is an invers boolean synonym.
1619 Return true if parm_name is a valid parameter name and
1620 in case it is an invers boolean synonym, if the val string could
1621 successfully be converted to the reverse bool.
1622 Return false in all other cases.
1623 **************************************************************************/
1625 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1626 const char *val,
1627 const char **canon_parm,
1628 const char **canon_val)
1630 int num;
1631 bool inverse;
1633 if (!lp_parameter_is_valid(parm_name)) {
1634 *canon_parm = NULL;
1635 *canon_val = NULL;
1636 return false;
1639 num = map_parameter_canonical(parm_name, &inverse);
1640 if (num < 0) {
1641 /* parametric option */
1642 *canon_parm = parm_name;
1643 *canon_val = val;
1644 } else {
1645 *canon_parm = parm_table[num].label;
1646 if (inverse) {
1647 if (!lp_invert_boolean(val, canon_val)) {
1648 *canon_val = NULL;
1649 return false;
1651 } else {
1652 *canon_val = val;
1656 return true;
1659 /***************************************************************************
1660 Map a parameter's string representation to the index of the canonical
1661 form of the parameter (it might be a synonym).
1662 Returns -1 if the parameter string is not recognised.
1663 ***************************************************************************/
1665 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1667 int parm_num, canon_num;
1668 bool loc_inverse = false;
1670 parm_num = lpcfg_map_parameter(pszParmName);
1671 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1672 /* invalid, parametric or no canidate for synonyms ... */
1673 goto done;
1676 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1677 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1678 parm_num = canon_num;
1679 goto done;
1683 done:
1684 if (inverse != NULL) {
1685 *inverse = loc_inverse;
1687 return parm_num;
1690 /***************************************************************************
1691 return true if parameter number parm1 is a synonym of parameter
1692 number parm2 (parm2 being the principal name).
1693 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1694 false otherwise.
1695 ***************************************************************************/
1697 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1699 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1700 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1701 (parm_table[parm1].flags & FLAG_HIDE) &&
1702 !(parm_table[parm2].flags & FLAG_HIDE))
1704 if (inverse != NULL) {
1705 if ((parm_table[parm1].type == P_BOOLREV) &&
1706 (parm_table[parm2].type == P_BOOL))
1708 *inverse = true;
1709 } else {
1710 *inverse = false;
1713 return true;
1715 return false;
1718 /***************************************************************************
1719 Show one parameter's name, type, [values,] and flags.
1720 (helper functions for show_parameter_list)
1721 ***************************************************************************/
1723 static void show_parameter(int parmIndex)
1725 int enumIndex, flagIndex;
1726 int parmIndex2;
1727 bool hadFlag;
1728 bool hadSyn;
1729 bool inverse;
1730 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1731 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1732 "P_ENUM", "P_SEP"};
1733 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1734 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1735 FLAG_HIDE};
1736 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1737 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1738 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1740 printf("%s=%s", parm_table[parmIndex].label,
1741 type[parm_table[parmIndex].type]);
1742 if (parm_table[parmIndex].type == P_ENUM) {
1743 printf(",");
1744 for (enumIndex=0;
1745 parm_table[parmIndex].enum_list[enumIndex].name;
1746 enumIndex++)
1748 printf("%s%s",
1749 enumIndex ? "|" : "",
1750 parm_table[parmIndex].enum_list[enumIndex].name);
1753 printf(",");
1754 hadFlag = false;
1755 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1756 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1757 printf("%s%s",
1758 hadFlag ? "|" : "",
1759 flag_names[flagIndex]);
1760 hadFlag = true;
1764 /* output synonyms */
1765 hadSyn = false;
1766 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1767 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1768 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1769 parm_table[parmIndex2].label);
1770 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1771 if (!hadSyn) {
1772 printf(" (synonyms: ");
1773 hadSyn = true;
1774 } else {
1775 printf(", ");
1777 printf("%s%s", parm_table[parmIndex2].label,
1778 inverse ? "[i]" : "");
1781 if (hadSyn) {
1782 printf(")");
1785 printf("\n");
1788 /***************************************************************************
1789 Show all parameter's name, type, [values,] and flags.
1790 ***************************************************************************/
1792 void show_parameter_list(void)
1794 int classIndex, parmIndex;
1795 const char *section_names[] = { "local", "global", NULL};
1797 for (classIndex=0; section_names[classIndex]; classIndex++) {
1798 printf("[%s]\n", section_names[classIndex]);
1799 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1800 if (parm_table[parmIndex].p_class == classIndex) {
1801 show_parameter(parmIndex);
1807 /***************************************************************************
1808 Get the standard string representation of a boolean value ("yes" or "no")
1809 ***************************************************************************/
1811 static const char *get_boolean(bool bool_value)
1813 static const char *yes_str = "yes";
1814 static const char *no_str = "no";
1816 return (bool_value ? yes_str : no_str);
1819 /***************************************************************************
1820 Provide the string of the negated boolean value associated to the boolean
1821 given as a string. Returns false if the passed string does not correctly
1822 represent a boolean.
1823 ***************************************************************************/
1825 bool lp_invert_boolean(const char *str, const char **inverse_str)
1827 bool val;
1829 if (!set_boolean(str, &val)) {
1830 return false;
1833 *inverse_str = get_boolean(!val);
1834 return true;
1837 /***************************************************************************
1838 Provide the canonical string representation of a boolean value given
1839 as a string. Return true on success, false if the string given does
1840 not correctly represent a boolean.
1841 ***************************************************************************/
1843 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1845 bool val;
1847 if (!set_boolean(str, &val)) {
1848 return false;
1851 *canon_str = get_boolean(val);
1852 return true;
1855 /***************************************************************************
1856 Find a service by name. Otherwise works like get_service.
1857 ***************************************************************************/
1859 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1861 int iService = -1;
1862 char *canon_name;
1863 TDB_DATA data;
1864 NTSTATUS status;
1866 if (ServiceHash == NULL) {
1867 return -1;
1870 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1872 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1873 &data);
1875 if (NT_STATUS_IS_OK(status) &&
1876 (data.dptr != NULL) &&
1877 (data.dsize == sizeof(iService)))
1879 iService = *(int *)data.dptr;
1882 TALLOC_FREE(canon_name);
1884 if ((iService != -1) && (LP_SNUM_OK(iService))
1885 && (pserviceDest != NULL)) {
1886 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1889 return (iService);
1892 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1893 struct loadparm_service *lp_service(const char *pszServiceName)
1895 int iService = getservicebyname(pszServiceName, NULL);
1896 if (iService == -1 || !LP_SNUM_OK(iService)) {
1897 return NULL;
1899 return ServicePtrs[iService];
1902 struct loadparm_service *lp_servicebynum(int snum)
1904 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1905 return NULL;
1907 return ServicePtrs[snum];
1910 struct loadparm_service *lp_default_loadparm_service()
1912 return &sDefault;
1915 static struct smbconf_ctx *lp_smbconf_ctx(void)
1917 sbcErr err;
1918 static struct smbconf_ctx *conf_ctx = NULL;
1920 if (conf_ctx == NULL) {
1921 err = smbconf_init(NULL, &conf_ctx, "registry:");
1922 if (!SBC_ERROR_IS_OK(err)) {
1923 DEBUG(1, ("error initializing registry configuration: "
1924 "%s\n", sbcErrorString(err)));
1925 conf_ctx = NULL;
1929 return conf_ctx;
1932 static bool process_smbconf_service(struct smbconf_service *service)
1934 uint32_t count;
1935 bool ret;
1937 if (service == NULL) {
1938 return false;
1941 ret = lp_do_section(service->name, NULL);
1942 if (ret != true) {
1943 return false;
1945 for (count = 0; count < service->num_params; count++) {
1947 if (!bInGlobalSection && bGlobalOnly) {
1948 ret = true;
1949 } else {
1950 const char *pszParmName = service->param_names[count];
1951 const char *pszParmValue = service->param_values[count];
1953 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1955 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1956 pszParmName, pszParmValue);
1959 if (ret != true) {
1960 return false;
1963 if (iServiceIndex >= 0) {
1964 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1966 return true;
1970 * load a service from registry and activate it
1972 bool process_registry_service(const char *service_name)
1974 sbcErr err;
1975 struct smbconf_service *service = NULL;
1976 TALLOC_CTX *mem_ctx = talloc_stackframe();
1977 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1978 bool ret = false;
1980 if (conf_ctx == NULL) {
1981 goto done;
1984 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1986 if (!smbconf_share_exists(conf_ctx, service_name)) {
1988 * Registry does not contain data for this service (yet),
1989 * but make sure lp_load doesn't return false.
1991 ret = true;
1992 goto done;
1995 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1996 if (!SBC_ERROR_IS_OK(err)) {
1997 goto done;
2000 ret = process_smbconf_service(service);
2001 if (!ret) {
2002 goto done;
2005 /* store the csn */
2006 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2008 done:
2009 TALLOC_FREE(mem_ctx);
2010 return ret;
2014 * process_registry_globals
2016 static bool process_registry_globals(void)
2018 bool ret;
2020 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2022 if (!bInGlobalSection && bGlobalOnly) {
2023 ret = true;
2024 } else {
2025 const char *pszParmName = "registry shares";
2026 const char *pszParmValue = "yes";
2028 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2030 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2031 pszParmName, pszParmValue);
2034 if (!ret) {
2035 return ret;
2038 return process_registry_service(GLOBAL_NAME);
2041 bool process_registry_shares(void)
2043 sbcErr err;
2044 uint32_t count;
2045 struct smbconf_service **service = NULL;
2046 uint32_t num_shares = 0;
2047 TALLOC_CTX *mem_ctx = talloc_stackframe();
2048 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2049 bool ret = false;
2051 if (conf_ctx == NULL) {
2052 goto done;
2055 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2056 if (!SBC_ERROR_IS_OK(err)) {
2057 goto done;
2060 ret = true;
2062 for (count = 0; count < num_shares; count++) {
2063 if (strequal(service[count]->name, GLOBAL_NAME)) {
2064 continue;
2066 ret = process_smbconf_service(service[count]);
2067 if (!ret) {
2068 goto done;
2072 /* store the csn */
2073 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2075 done:
2076 TALLOC_FREE(mem_ctx);
2077 return ret;
2081 * reload those shares from registry that are already
2082 * activated in the services array.
2084 static bool reload_registry_shares(void)
2086 int i;
2087 bool ret = true;
2089 for (i = 0; i < iNumServices; i++) {
2090 if (!VALID(i)) {
2091 continue;
2094 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2095 continue;
2098 ret = process_registry_service(ServicePtrs[i]->szService);
2099 if (!ret) {
2100 goto done;
2104 done:
2105 return ret;
2109 #define MAX_INCLUDE_DEPTH 100
2111 static uint8_t include_depth;
2114 * Free the file lists
2116 static void free_file_list(void)
2118 struct file_lists *f;
2119 struct file_lists *next;
2121 f = file_lists;
2122 while( f ) {
2123 next = f->next;
2124 TALLOC_FREE( f );
2125 f = next;
2127 file_lists = NULL;
2132 * Utility function for outsiders to check if we're running on registry.
2134 bool lp_config_backend_is_registry(void)
2136 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2140 * Utility function to check if the config backend is FILE.
2142 bool lp_config_backend_is_file(void)
2144 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2147 /*******************************************************************
2148 Check if a config file has changed date.
2149 ********************************************************************/
2151 bool lp_file_list_changed(void)
2153 struct file_lists *f = file_lists;
2155 DEBUG(6, ("lp_file_list_changed()\n"));
2157 while (f) {
2158 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2159 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2161 if (conf_ctx == NULL) {
2162 return false;
2164 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2165 NULL))
2167 DEBUGADD(6, ("registry config changed\n"));
2168 return true;
2170 } else {
2171 time_t mod_time;
2172 char *n2 = NULL;
2174 n2 = talloc_sub_basic(talloc_tos(),
2175 get_current_username(),
2176 current_user_info.domain,
2177 f->name);
2178 if (!n2) {
2179 return false;
2181 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2182 f->name, n2, ctime(&f->modtime)));
2184 mod_time = file_modtime(n2);
2186 if (mod_time &&
2187 ((f->modtime != mod_time) ||
2188 (f->subfname == NULL) ||
2189 (strcmp(n2, f->subfname) != 0)))
2191 DEBUGADD(6,
2192 ("file %s modified: %s\n", n2,
2193 ctime(&mod_time)));
2194 f->modtime = mod_time;
2195 TALLOC_FREE(f->subfname);
2196 f->subfname = talloc_strdup(f, n2);
2197 if (f->subfname == NULL) {
2198 smb_panic("talloc_strdup failed");
2200 TALLOC_FREE(n2);
2201 return true;
2203 TALLOC_FREE(n2);
2205 f = f->next;
2207 return false;
2212 * Initialize iconv conversion descriptors.
2214 * This is called the first time it is needed, and also called again
2215 * every time the configuration is reloaded, because the charset or
2216 * codepage might have changed.
2218 static void init_iconv(void)
2220 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2221 lp_unix_charset(),
2222 true, global_iconv_handle);
2225 /***************************************************************************
2226 Handle the include operation.
2227 ***************************************************************************/
2228 static bool bAllowIncludeRegistry = true;
2230 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2231 const char *pszParmValue, char **ptr)
2233 char *fname;
2235 if (include_depth >= MAX_INCLUDE_DEPTH) {
2236 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2237 include_depth));
2238 return false;
2241 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2242 if (!bAllowIncludeRegistry) {
2243 return true;
2245 if (lp_ctx->bInGlobalSection) {
2246 bool ret;
2247 include_depth++;
2248 ret = process_registry_globals();
2249 include_depth--;
2250 return ret;
2251 } else {
2252 DEBUG(1, ("\"include = registry\" only effective "
2253 "in %s section\n", GLOBAL_NAME));
2254 return false;
2258 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2259 current_user_info.domain,
2260 pszParmValue);
2262 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2264 if (service == NULL) {
2265 string_set(Globals.ctx, ptr, fname);
2266 } else {
2267 string_set(service, ptr, fname);
2270 if (file_exist(fname)) {
2271 bool ret;
2272 include_depth++;
2273 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2274 include_depth--;
2275 TALLOC_FREE(fname);
2276 return ret;
2279 DEBUG(2, ("Can't find include file %s\n", fname));
2280 TALLOC_FREE(fname);
2281 return true;
2284 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2286 char *config_option = NULL;
2287 const char *range = NULL;
2288 bool ret = false;
2290 SMB_ASSERT(low != NULL);
2291 SMB_ASSERT(high != NULL);
2293 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2294 domain_name = "*";
2297 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2298 domain_name);
2299 if (config_option == NULL) {
2300 DEBUG(0, ("out of memory\n"));
2301 return false;
2304 range = lp_parm_const_string(-1, config_option, "range", NULL);
2305 if (range == NULL) {
2306 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2307 goto done;
2310 if (sscanf(range, "%u - %u", low, high) != 2) {
2311 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2312 range, domain_name));
2313 goto done;
2316 ret = true;
2318 done:
2319 talloc_free(config_option);
2320 return ret;
2324 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2326 return lp_idmap_range("*", low, high);
2329 const char *lp_idmap_backend(const char *domain_name)
2331 char *config_option = NULL;
2332 const char *backend = NULL;
2334 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2335 domain_name = "*";
2338 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2339 domain_name);
2340 if (config_option == NULL) {
2341 DEBUG(0, ("out of memory\n"));
2342 return false;
2345 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2346 if (backend == NULL) {
2347 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2348 goto done;
2351 done:
2352 talloc_free(config_option);
2353 return backend;
2356 const char *lp_idmap_default_backend(void)
2358 return lp_idmap_backend("*");
2361 /***************************************************************************
2362 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2363 ***************************************************************************/
2365 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2367 const char *suffix_string;
2369 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2370 Globals.ldap_suffix );
2371 if ( !suffix_string ) {
2372 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2373 return "";
2376 return suffix_string;
2379 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2381 if (Globals.szLdapMachineSuffix[0])
2382 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2384 return lp_string(ctx, Globals.ldap_suffix);
2387 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2389 if (Globals.szLdapUserSuffix[0])
2390 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2392 return lp_string(ctx, Globals.ldap_suffix);
2395 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2397 if (Globals.szLdapGroupSuffix[0])
2398 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2400 return lp_string(ctx, Globals.ldap_suffix);
2403 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2405 if (Globals.szLdapIdmapSuffix[0])
2406 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2408 return lp_string(ctx, Globals.ldap_suffix);
2412 return the parameter pointer for a parameter
2414 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2416 if (service == NULL) {
2417 if (parm->p_class == P_LOCAL)
2418 return (void *)(((char *)&sDefault)+parm->offset);
2419 else if (parm->p_class == P_GLOBAL)
2420 return (void *)(((char *)&Globals)+parm->offset);
2421 else return NULL;
2422 } else {
2423 return (void *)(((char *)service) + parm->offset);
2427 /***************************************************************************
2428 Process a parameter for a particular service number. If snum < 0
2429 then assume we are in the globals.
2430 ***************************************************************************/
2432 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2434 TALLOC_CTX *frame = talloc_stackframe();
2435 struct loadparm_context *lp_ctx;
2436 bool ok;
2438 lp_ctx = setup_lp_context(frame);
2439 if (lp_ctx == NULL) {
2440 TALLOC_FREE(frame);
2441 return false;
2444 if (snum < 0) {
2445 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2446 } else {
2447 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2448 pszParmName, pszParmValue);
2451 TALLOC_FREE(frame);
2453 return ok;
2456 /***************************************************************************
2457 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2458 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2459 ***************************************************************************/
2461 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2463 int parmnum, i;
2464 parmnum = lpcfg_map_parameter(pszParmName);
2465 if (parmnum >= 0) {
2466 flags_list[parmnum] &= ~FLAG_CMDLINE;
2467 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2468 return false;
2470 flags_list[parmnum] |= FLAG_CMDLINE;
2472 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2473 * be grouped in the table, so we don't have to search the
2474 * whole table */
2475 for (i=parmnum-1;
2476 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2477 && parm_table[i].p_class == parm_table[parmnum].p_class;
2478 i--) {
2479 flags_list[i] |= FLAG_CMDLINE;
2481 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2482 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2483 flags_list[i] |= FLAG_CMDLINE;
2486 return true;
2489 /* it might be parametric */
2490 if (strchr(pszParmName, ':') != NULL) {
2491 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2492 return true;
2495 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2496 return false;
2499 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2501 bool ret;
2502 TALLOC_CTX *frame = talloc_stackframe();
2503 struct loadparm_context *lp_ctx;
2505 lp_ctx = setup_lp_context(frame);
2506 if (lp_ctx == NULL) {
2507 TALLOC_FREE(frame);
2508 return false;
2511 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2513 TALLOC_FREE(frame);
2514 return ret;
2517 /***************************************************************************
2518 Process a parameter.
2519 ***************************************************************************/
2521 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2522 void *userdata)
2524 if (!bInGlobalSection && bGlobalOnly)
2525 return true;
2527 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2529 if (bInGlobalSection) {
2530 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2531 } else {
2532 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2533 pszParmName, pszParmValue);
2537 /***************************************************************************
2538 Initialize any local variables in the sDefault table, after parsing a
2539 [globals] section.
2540 ***************************************************************************/
2542 static void init_locals(void)
2545 * We run this check once the [globals] is parsed, to force
2546 * the VFS objects and other per-share settings we need for
2547 * the standard way a AD DC is operated. We may change these
2548 * as our code evolves, which is why we force these settings.
2550 * We can't do this at the end of lp_load_ex(), as by that
2551 * point the services have been loaded and they will already
2552 * have "" as their vfs objects.
2554 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2555 const char **vfs_objects = lp_vfs_objects(-1);
2556 if (!vfs_objects || !vfs_objects[0]) {
2557 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2558 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2559 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2560 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2561 } else {
2562 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2566 lp_do_parameter(-1, "map hidden", "no");
2567 lp_do_parameter(-1, "map system", "no");
2568 lp_do_parameter(-1, "map readonly", "no");
2569 lp_do_parameter(-1, "map archive", "no");
2570 lp_do_parameter(-1, "store dos attributes", "yes");
2574 /***************************************************************************
2575 Process a new section (service). At this stage all sections are services.
2576 Later we'll have special sections that permit server parameters to be set.
2577 Returns true on success, false on failure.
2578 ***************************************************************************/
2580 bool lp_do_section(const char *pszSectionName, void *userdata)
2582 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2583 bool bRetval;
2584 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2585 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2586 bRetval = false;
2588 /* if we were in a global section then do the local inits */
2589 if (bInGlobalSection && !isglobal)
2590 init_locals();
2592 /* if we've just struck a global section, note the fact. */
2593 bInGlobalSection = isglobal;
2594 if (lp_ctx != NULL) {
2595 lp_ctx->bInGlobalSection = isglobal;
2598 /* check for multiple global sections */
2599 if (bInGlobalSection) {
2600 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2601 return true;
2604 if (!bInGlobalSection && bGlobalOnly)
2605 return true;
2607 /* if we have a current service, tidy it up before moving on */
2608 bRetval = true;
2610 if (iServiceIndex >= 0)
2611 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2613 /* if all is still well, move to the next record in the services array */
2614 if (bRetval) {
2615 /* We put this here to avoid an odd message order if messages are */
2616 /* issued by the post-processing of a previous section. */
2617 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2619 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2620 if (iServiceIndex < 0) {
2621 DEBUG(0, ("Failed to add a new service\n"));
2622 return false;
2624 /* Clean all parametric options for service */
2625 /* They will be added during parsing again */
2626 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2629 return bRetval;
2632 /***************************************************************************
2633 Display the contents of a parameter of a single services record.
2634 ***************************************************************************/
2636 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2638 bool result = false;
2639 struct loadparm_context *lp_ctx;
2641 lp_ctx = setup_lp_context(talloc_tos());
2642 if (lp_ctx == NULL) {
2643 return false;
2646 if (isGlobal) {
2647 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2648 } else {
2649 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2651 TALLOC_FREE(lp_ctx);
2652 return result;
2655 #if 0
2656 /***************************************************************************
2657 Display the contents of a single copy structure.
2658 ***************************************************************************/
2659 static void dump_copy_map(bool *pcopymap)
2661 int i;
2662 if (!pcopymap)
2663 return;
2665 printf("\n\tNon-Copied parameters:\n");
2667 for (i = 0; parm_table[i].label; i++)
2668 if (parm_table[i].p_class == P_LOCAL &&
2669 parm_table[i].ptr && !pcopymap[i] &&
2670 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2672 printf("\t\t%s\n", parm_table[i].label);
2675 #endif
2677 /***************************************************************************
2678 Return TRUE if the passed service number is within range.
2679 ***************************************************************************/
2681 bool lp_snum_ok(int iService)
2683 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2686 /***************************************************************************
2687 Auto-load some home services.
2688 ***************************************************************************/
2690 static void lp_add_auto_services(char *str)
2692 char *s;
2693 char *p;
2694 int homes;
2695 char *saveptr;
2697 if (!str)
2698 return;
2700 s = talloc_strdup(talloc_tos(), str);
2701 if (!s) {
2702 smb_panic("talloc_strdup failed");
2703 return;
2706 homes = lp_servicenumber(HOMES_NAME);
2708 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2709 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2710 char *home;
2712 if (lp_servicenumber(p) >= 0)
2713 continue;
2715 home = get_user_home_dir(talloc_tos(), p);
2717 if (home && home[0] && homes >= 0)
2718 lp_add_home(p, homes, p, home);
2720 TALLOC_FREE(home);
2722 TALLOC_FREE(s);
2725 /***************************************************************************
2726 Auto-load one printer.
2727 ***************************************************************************/
2729 void lp_add_one_printer(const char *name, const char *comment,
2730 const char *location, void *pdata)
2732 int printers = lp_servicenumber(PRINTERS_NAME);
2733 int i;
2735 if (lp_servicenumber(name) < 0) {
2736 lp_add_printer(name, printers);
2737 if ((i = lp_servicenumber(name)) >= 0) {
2738 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
2739 ServicePtrs[i]->autoloaded = true;
2744 /***************************************************************************
2745 Have we loaded a services file yet?
2746 ***************************************************************************/
2748 bool lp_loaded(void)
2750 return (bLoaded);
2753 /***************************************************************************
2754 Unload unused services.
2755 ***************************************************************************/
2757 void lp_killunused(struct smbd_server_connection *sconn,
2758 bool (*snumused) (struct smbd_server_connection *, int))
2760 int i;
2761 for (i = 0; i < iNumServices; i++) {
2762 if (!VALID(i))
2763 continue;
2765 /* don't kill autoloaded or usershare services */
2766 if ( ServicePtrs[i]->autoloaded ||
2767 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2768 continue;
2771 if (!snumused || !snumused(sconn, i)) {
2772 free_service_byindex(i);
2778 * Kill all except autoloaded and usershare services - convenience wrapper
2780 void lp_kill_all_services(void)
2782 lp_killunused(NULL, NULL);
2785 /***************************************************************************
2786 Unload a service.
2787 ***************************************************************************/
2789 void lp_killservice(int iServiceIn)
2791 if (VALID(iServiceIn)) {
2792 free_service_byindex(iServiceIn);
2796 /***************************************************************************
2797 Save the curent values of all global and sDefault parameters into the
2798 defaults union. This allows testparm to show only the
2799 changed (ie. non-default) parameters.
2800 ***************************************************************************/
2802 static void lp_save_defaults(void)
2804 int i;
2805 struct parmlist_entry * parm;
2806 for (i = 0; parm_table[i].label; i++) {
2807 if (!(flags_list[i] & FLAG_CMDLINE)) {
2808 flags_list[i] |= FLAG_DEFAULT;
2811 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2812 && parm_table[i].p_class == parm_table[i - 1].p_class)
2813 continue;
2814 switch (parm_table[i].type) {
2815 case P_LIST:
2816 case P_CMDLIST:
2817 parm_table[i].def.lvalue = str_list_copy(
2818 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2819 break;
2820 case P_STRING:
2821 case P_USTRING:
2822 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
2823 if (parm_table[i].def.svalue == NULL) {
2824 smb_panic("talloc_strdup failed");
2826 break;
2827 case P_BOOL:
2828 case P_BOOLREV:
2829 parm_table[i].def.bvalue =
2830 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2831 break;
2832 case P_CHAR:
2833 parm_table[i].def.cvalue =
2834 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2835 break;
2836 case P_INTEGER:
2837 case P_OCTAL:
2838 case P_ENUM:
2839 case P_BYTES:
2840 parm_table[i].def.ivalue =
2841 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2842 break;
2843 case P_SEP:
2844 break;
2848 for (parm=Globals.param_opt; parm; parm=parm->next) {
2849 if (!(parm->priority & FLAG_CMDLINE)) {
2850 parm->priority |= FLAG_DEFAULT;
2854 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2855 if (!(parm->priority & FLAG_CMDLINE)) {
2856 parm->priority |= FLAG_DEFAULT;
2860 defaults_saved = true;
2863 /***********************************************************
2864 If we should send plaintext/LANMAN passwords in the clinet
2865 ************************************************************/
2867 static void set_allowed_client_auth(void)
2869 if (Globals.client_ntlmv2_auth) {
2870 Globals.client_lanman_auth = false;
2872 if (!Globals.client_lanman_auth) {
2873 Globals.client_plaintext_auth = false;
2877 /***************************************************************************
2878 JRA.
2879 The following code allows smbd to read a user defined share file.
2880 Yes, this is my intent. Yes, I'm comfortable with that...
2882 THE FOLLOWING IS SECURITY CRITICAL CODE.
2884 It washes your clothes, it cleans your house, it guards you while you sleep...
2885 Do not f%^k with it....
2886 ***************************************************************************/
2888 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2890 /***************************************************************************
2891 Check allowed stat state of a usershare file.
2892 Ensure we print out who is dicking with us so the admin can
2893 get their sorry ass fired.
2894 ***************************************************************************/
2896 static bool check_usershare_stat(const char *fname,
2897 const SMB_STRUCT_STAT *psbuf)
2899 if (!S_ISREG(psbuf->st_ex_mode)) {
2900 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2901 "not a regular file\n",
2902 fname, (unsigned int)psbuf->st_ex_uid ));
2903 return false;
2906 /* Ensure this doesn't have the other write bit set. */
2907 if (psbuf->st_ex_mode & S_IWOTH) {
2908 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2909 "public write. Refusing to allow as a usershare file.\n",
2910 fname, (unsigned int)psbuf->st_ex_uid ));
2911 return false;
2914 /* Should be 10k or less. */
2915 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2916 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2917 "too large (%u) to be a user share file.\n",
2918 fname, (unsigned int)psbuf->st_ex_uid,
2919 (unsigned int)psbuf->st_ex_size ));
2920 return false;
2923 return true;
2926 /***************************************************************************
2927 Parse the contents of a usershare file.
2928 ***************************************************************************/
2930 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2931 SMB_STRUCT_STAT *psbuf,
2932 const char *servicename,
2933 int snum,
2934 char **lines,
2935 int numlines,
2936 char **pp_sharepath,
2937 char **pp_comment,
2938 char **pp_cp_servicename,
2939 struct security_descriptor **ppsd,
2940 bool *pallow_guest)
2942 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2943 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2944 int us_vers;
2945 DIR *dp;
2946 SMB_STRUCT_STAT sbuf;
2947 char *sharepath = NULL;
2948 char *comment = NULL;
2950 *pp_sharepath = NULL;
2951 *pp_comment = NULL;
2953 *pallow_guest = false;
2955 if (numlines < 4) {
2956 return USERSHARE_MALFORMED_FILE;
2959 if (strcmp(lines[0], "#VERSION 1") == 0) {
2960 us_vers = 1;
2961 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2962 us_vers = 2;
2963 if (numlines < 5) {
2964 return USERSHARE_MALFORMED_FILE;
2966 } else {
2967 return USERSHARE_BAD_VERSION;
2970 if (strncmp(lines[1], "path=", 5) != 0) {
2971 return USERSHARE_MALFORMED_PATH;
2974 sharepath = talloc_strdup(ctx, &lines[1][5]);
2975 if (!sharepath) {
2976 return USERSHARE_POSIX_ERR;
2978 trim_string(sharepath, " ", " ");
2980 if (strncmp(lines[2], "comment=", 8) != 0) {
2981 return USERSHARE_MALFORMED_COMMENT_DEF;
2984 comment = talloc_strdup(ctx, &lines[2][8]);
2985 if (!comment) {
2986 return USERSHARE_POSIX_ERR;
2988 trim_string(comment, " ", " ");
2989 trim_char(comment, '"', '"');
2991 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2992 return USERSHARE_MALFORMED_ACL_DEF;
2995 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2996 return USERSHARE_ACL_ERR;
2999 if (us_vers == 2) {
3000 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3001 return USERSHARE_MALFORMED_ACL_DEF;
3003 if (lines[4][9] == 'y') {
3004 *pallow_guest = true;
3007 /* Backwards compatible extension to file version #2. */
3008 if (numlines > 5) {
3009 if (strncmp(lines[5], "sharename=", 10) != 0) {
3010 return USERSHARE_MALFORMED_SHARENAME_DEF;
3012 if (!strequal(&lines[5][10], servicename)) {
3013 return USERSHARE_BAD_SHARENAME;
3015 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3016 if (!*pp_cp_servicename) {
3017 return USERSHARE_POSIX_ERR;
3022 if (*pp_cp_servicename == NULL) {
3023 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3024 if (!*pp_cp_servicename) {
3025 return USERSHARE_POSIX_ERR;
3029 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3030 /* Path didn't change, no checks needed. */
3031 *pp_sharepath = sharepath;
3032 *pp_comment = comment;
3033 return USERSHARE_OK;
3036 /* The path *must* be absolute. */
3037 if (sharepath[0] != '/') {
3038 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3039 servicename, sharepath));
3040 return USERSHARE_PATH_NOT_ABSOLUTE;
3043 /* If there is a usershare prefix deny list ensure one of these paths
3044 doesn't match the start of the user given path. */
3045 if (prefixdenylist) {
3046 int i;
3047 for ( i=0; prefixdenylist[i]; i++ ) {
3048 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3049 servicename, i, prefixdenylist[i], sharepath ));
3050 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3051 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3052 "usershare prefix deny list entries.\n",
3053 servicename, sharepath));
3054 return USERSHARE_PATH_IS_DENIED;
3059 /* If there is a usershare prefix allow list ensure one of these paths
3060 does match the start of the user given path. */
3062 if (prefixallowlist) {
3063 int i;
3064 for ( i=0; prefixallowlist[i]; i++ ) {
3065 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3066 servicename, i, prefixallowlist[i], sharepath ));
3067 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3068 break;
3071 if (prefixallowlist[i] == NULL) {
3072 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3073 "usershare prefix allow list entries.\n",
3074 servicename, sharepath));
3075 return USERSHARE_PATH_NOT_ALLOWED;
3079 /* Ensure this is pointing to a directory. */
3080 dp = opendir(sharepath);
3082 if (!dp) {
3083 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3084 servicename, sharepath));
3085 return USERSHARE_PATH_NOT_DIRECTORY;
3088 /* Ensure the owner of the usershare file has permission to share
3089 this directory. */
3091 if (sys_stat(sharepath, &sbuf, false) == -1) {
3092 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3093 servicename, sharepath, strerror(errno) ));
3094 closedir(dp);
3095 return USERSHARE_POSIX_ERR;
3098 closedir(dp);
3100 if (!S_ISDIR(sbuf.st_ex_mode)) {
3101 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3102 servicename, sharepath ));
3103 return USERSHARE_PATH_NOT_DIRECTORY;
3106 /* Check if sharing is restricted to owner-only. */
3107 /* psbuf is the stat of the usershare definition file,
3108 sbuf is the stat of the target directory to be shared. */
3110 if (lp_usershare_owner_only()) {
3111 /* root can share anything. */
3112 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3113 return USERSHARE_PATH_NOT_ALLOWED;
3117 *pp_sharepath = sharepath;
3118 *pp_comment = comment;
3119 return USERSHARE_OK;
3122 /***************************************************************************
3123 Deal with a usershare file.
3124 Returns:
3125 >= 0 - snum
3126 -1 - Bad name, invalid contents.
3127 - service name already existed and not a usershare, problem
3128 with permissions to share directory etc.
3129 ***************************************************************************/
3131 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3133 SMB_STRUCT_STAT sbuf;
3134 SMB_STRUCT_STAT lsbuf;
3135 char *fname = NULL;
3136 char *sharepath = NULL;
3137 char *comment = NULL;
3138 char *cp_service_name = NULL;
3139 char **lines = NULL;
3140 int numlines = 0;
3141 int fd = -1;
3142 int iService = -1;
3143 TALLOC_CTX *ctx = talloc_stackframe();
3144 struct security_descriptor *psd = NULL;
3145 bool guest_ok = false;
3146 char *canon_name = NULL;
3147 bool added_service = false;
3148 int ret = -1;
3150 /* Ensure share name doesn't contain invalid characters. */
3151 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3152 DEBUG(0,("process_usershare_file: share name %s contains "
3153 "invalid characters (any of %s)\n",
3154 file_name, INVALID_SHARENAME_CHARS ));
3155 goto out;
3158 canon_name = canonicalize_servicename(ctx, file_name);
3159 if (!canon_name) {
3160 goto out;
3163 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3164 if (!fname) {
3165 goto out;
3168 /* Minimize the race condition by doing an lstat before we
3169 open and fstat. Ensure this isn't a symlink link. */
3171 if (sys_lstat(fname, &lsbuf, false) != 0) {
3172 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3173 fname, strerror(errno) ));
3174 goto out;
3177 /* This must be a regular file, not a symlink, directory or
3178 other strange filetype. */
3179 if (!check_usershare_stat(fname, &lsbuf)) {
3180 goto out;
3184 TDB_DATA data;
3185 NTSTATUS status;
3187 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3188 canon_name, &data);
3190 iService = -1;
3192 if (NT_STATUS_IS_OK(status) &&
3193 (data.dptr != NULL) &&
3194 (data.dsize == sizeof(iService))) {
3195 memcpy(&iService, data.dptr, sizeof(iService));
3199 if (iService != -1 &&
3200 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3201 &lsbuf.st_ex_mtime) == 0) {
3202 /* Nothing changed - Mark valid and return. */
3203 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3204 canon_name ));
3205 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3206 ret = iService;
3207 goto out;
3210 /* Try and open the file read only - no symlinks allowed. */
3211 #ifdef O_NOFOLLOW
3212 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3213 #else
3214 fd = open(fname, O_RDONLY, 0);
3215 #endif
3217 if (fd == -1) {
3218 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3219 fname, strerror(errno) ));
3220 goto out;
3223 /* Now fstat to be *SURE* it's a regular file. */
3224 if (sys_fstat(fd, &sbuf, false) != 0) {
3225 close(fd);
3226 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3227 fname, strerror(errno) ));
3228 goto out;
3231 /* Is it the same dev/inode as was lstated ? */
3232 if (!check_same_stat(&lsbuf, &sbuf)) {
3233 close(fd);
3234 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3235 "Symlink spoofing going on ?\n", fname ));
3236 goto out;
3239 /* This must be a regular file, not a symlink, directory or
3240 other strange filetype. */
3241 if (!check_usershare_stat(fname, &sbuf)) {
3242 close(fd);
3243 goto out;
3246 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3248 close(fd);
3249 if (lines == NULL) {
3250 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3251 fname, (unsigned int)sbuf.st_ex_uid ));
3252 goto out;
3255 if (parse_usershare_file(ctx, &sbuf, file_name,
3256 iService, lines, numlines, &sharepath,
3257 &comment, &cp_service_name,
3258 &psd, &guest_ok) != USERSHARE_OK) {
3259 goto out;
3262 /* Everything ok - add the service possibly using a template. */
3263 if (iService < 0) {
3264 const struct loadparm_service *sp = &sDefault;
3265 if (snum_template != -1) {
3266 sp = ServicePtrs[snum_template];
3269 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3270 DEBUG(0, ("process_usershare_file: Failed to add "
3271 "new service %s\n", cp_service_name));
3272 goto out;
3275 added_service = true;
3277 /* Read only is controlled by usershare ACL below. */
3278 ServicePtrs[iService]->read_only = false;
3281 /* Write the ACL of the new/modified share. */
3282 if (!set_share_security(canon_name, psd)) {
3283 DEBUG(0, ("process_usershare_file: Failed to set share "
3284 "security for user share %s\n",
3285 canon_name ));
3286 goto out;
3289 /* If from a template it may be marked invalid. */
3290 ServicePtrs[iService]->valid = true;
3292 /* Set the service as a valid usershare. */
3293 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3295 /* Set guest access. */
3296 if (lp_usershare_allow_guests()) {
3297 ServicePtrs[iService]->guest_ok = guest_ok;
3300 /* And note when it was loaded. */
3301 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3302 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3303 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3305 ret = iService;
3307 out:
3309 if (ret == -1 && iService != -1 && added_service) {
3310 lp_remove_service(iService);
3313 TALLOC_FREE(lines);
3314 TALLOC_FREE(ctx);
3315 return ret;
3318 /***************************************************************************
3319 Checks if a usershare entry has been modified since last load.
3320 ***************************************************************************/
3322 static bool usershare_exists(int iService, struct timespec *last_mod)
3324 SMB_STRUCT_STAT lsbuf;
3325 const char *usersharepath = Globals.usershare_path;
3326 char *fname;
3328 fname = talloc_asprintf(talloc_tos(),
3329 "%s/%s",
3330 usersharepath,
3331 ServicePtrs[iService]->szService);
3332 if (fname == NULL) {
3333 return false;
3336 if (sys_lstat(fname, &lsbuf, false) != 0) {
3337 TALLOC_FREE(fname);
3338 return false;
3341 if (!S_ISREG(lsbuf.st_ex_mode)) {
3342 TALLOC_FREE(fname);
3343 return false;
3346 TALLOC_FREE(fname);
3347 *last_mod = lsbuf.st_ex_mtime;
3348 return true;
3351 /***************************************************************************
3352 Load a usershare service by name. Returns a valid servicenumber or -1.
3353 ***************************************************************************/
3355 int load_usershare_service(const char *servicename)
3357 SMB_STRUCT_STAT sbuf;
3358 const char *usersharepath = Globals.usershare_path;
3359 int max_user_shares = Globals.usershare_max_shares;
3360 int snum_template = -1;
3362 if (*usersharepath == 0 || max_user_shares == 0) {
3363 return -1;
3366 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3367 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3368 usersharepath, strerror(errno) ));
3369 return -1;
3372 if (!S_ISDIR(sbuf.st_ex_mode)) {
3373 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3374 usersharepath ));
3375 return -1;
3379 * This directory must be owned by root, and have the 't' bit set.
3380 * It also must not be writable by "other".
3383 #ifdef S_ISVTX
3384 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3385 #else
3386 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3387 #endif
3388 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3389 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3390 usersharepath ));
3391 return -1;
3394 /* Ensure the template share exists if it's set. */
3395 if (Globals.usershare_template_share[0]) {
3396 /* We can't use lp_servicenumber here as we are recommending that
3397 template shares have -valid=false set. */
3398 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3399 if (ServicePtrs[snum_template]->szService &&
3400 strequal(ServicePtrs[snum_template]->szService,
3401 Globals.usershare_template_share)) {
3402 break;
3406 if (snum_template == -1) {
3407 DEBUG(0,("load_usershare_service: usershare template share %s "
3408 "does not exist.\n",
3409 Globals.usershare_template_share ));
3410 return -1;
3414 return process_usershare_file(usersharepath, servicename, snum_template);
3417 /***************************************************************************
3418 Load all user defined shares from the user share directory.
3419 We only do this if we're enumerating the share list.
3420 This is the function that can delete usershares that have
3421 been removed.
3422 ***************************************************************************/
3424 int load_usershare_shares(struct smbd_server_connection *sconn,
3425 bool (*snumused) (struct smbd_server_connection *, int))
3427 DIR *dp;
3428 SMB_STRUCT_STAT sbuf;
3429 struct dirent *de;
3430 int num_usershares = 0;
3431 int max_user_shares = Globals.usershare_max_shares;
3432 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3433 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3434 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3435 int iService;
3436 int snum_template = -1;
3437 const char *usersharepath = Globals.usershare_path;
3438 int ret = lp_numservices();
3439 TALLOC_CTX *tmp_ctx;
3441 if (max_user_shares == 0 || *usersharepath == '\0') {
3442 return lp_numservices();
3445 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3446 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3447 usersharepath, strerror(errno) ));
3448 return ret;
3452 * This directory must be owned by root, and have the 't' bit set.
3453 * It also must not be writable by "other".
3456 #ifdef S_ISVTX
3457 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3458 #else
3459 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3460 #endif
3461 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3462 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3463 usersharepath ));
3464 return ret;
3467 /* Ensure the template share exists if it's set. */
3468 if (Globals.usershare_template_share[0]) {
3469 /* We can't use lp_servicenumber here as we are recommending that
3470 template shares have -valid=false set. */
3471 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3472 if (ServicePtrs[snum_template]->szService &&
3473 strequal(ServicePtrs[snum_template]->szService,
3474 Globals.usershare_template_share)) {
3475 break;
3479 if (snum_template == -1) {
3480 DEBUG(0,("load_usershare_shares: usershare template share %s "
3481 "does not exist.\n",
3482 Globals.usershare_template_share ));
3483 return ret;
3487 /* Mark all existing usershares as pending delete. */
3488 for (iService = iNumServices - 1; iService >= 0; iService--) {
3489 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3490 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3494 dp = opendir(usersharepath);
3495 if (!dp) {
3496 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3497 usersharepath, strerror(errno) ));
3498 return ret;
3501 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3502 (de = readdir(dp));
3503 num_dir_entries++ ) {
3504 int r;
3505 const char *n = de->d_name;
3507 /* Ignore . and .. */
3508 if (*n == '.') {
3509 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3510 continue;
3514 if (n[0] == ':') {
3515 /* Temporary file used when creating a share. */
3516 num_tmp_dir_entries++;
3519 /* Allow 20% tmp entries. */
3520 if (num_tmp_dir_entries > allowed_tmp_entries) {
3521 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3522 "in directory %s\n",
3523 num_tmp_dir_entries, usersharepath));
3524 break;
3527 r = process_usershare_file(usersharepath, n, snum_template);
3528 if (r == 0) {
3529 /* Update the services count. */
3530 num_usershares++;
3531 if (num_usershares >= max_user_shares) {
3532 DEBUG(0,("load_usershare_shares: max user shares reached "
3533 "on file %s in directory %s\n",
3534 n, usersharepath ));
3535 break;
3537 } else if (r == -1) {
3538 num_bad_dir_entries++;
3541 /* Allow 20% bad entries. */
3542 if (num_bad_dir_entries > allowed_bad_entries) {
3543 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3544 "in directory %s\n",
3545 num_bad_dir_entries, usersharepath));
3546 break;
3549 /* Allow 20% bad entries. */
3550 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3551 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3552 "in directory %s\n",
3553 num_dir_entries, usersharepath));
3554 break;
3558 closedir(dp);
3560 /* Sweep through and delete any non-refreshed usershares that are
3561 not currently in use. */
3562 tmp_ctx = talloc_stackframe();
3563 for (iService = iNumServices - 1; iService >= 0; iService--) {
3564 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3565 char *servname;
3567 if (snumused && snumused(sconn, iService)) {
3568 continue;
3571 servname = lp_servicename(tmp_ctx, iService);
3573 /* Remove from the share ACL db. */
3574 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3575 servname ));
3576 delete_share_security(servname);
3577 free_service_byindex(iService);
3580 talloc_free(tmp_ctx);
3582 return lp_numservices();
3585 /********************************************************
3586 Destroy global resources allocated in this file
3587 ********************************************************/
3589 void gfree_loadparm(void)
3591 int i;
3593 free_file_list();
3595 /* Free resources allocated to services */
3597 for ( i = 0; i < iNumServices; i++ ) {
3598 if ( VALID(i) ) {
3599 free_service_byindex(i);
3603 TALLOC_FREE( ServicePtrs );
3604 iNumServices = 0;
3606 /* Now release all resources allocated to global
3607 parameters and the default service */
3609 free_global_parameters();
3613 /***************************************************************************
3614 Allow client apps to specify that they are a client
3615 ***************************************************************************/
3616 static void lp_set_in_client(bool b)
3618 in_client = b;
3622 /***************************************************************************
3623 Determine if we're running in a client app
3624 ***************************************************************************/
3625 static bool lp_is_in_client(void)
3627 return in_client;
3630 /***************************************************************************
3631 Load the services array from the services file. Return true on success,
3632 false on failure.
3633 ***************************************************************************/
3635 static bool lp_load_ex(const char *pszFname,
3636 bool global_only,
3637 bool save_defaults,
3638 bool add_ipc,
3639 bool initialize_globals,
3640 bool allow_include_registry,
3641 bool load_all_shares)
3643 char *n2 = NULL;
3644 bool bRetval;
3645 TALLOC_CTX *frame = talloc_stackframe();
3646 struct loadparm_context *lp_ctx;
3648 bRetval = false;
3650 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3652 bInGlobalSection = true;
3653 bGlobalOnly = global_only;
3654 bAllowIncludeRegistry = allow_include_registry;
3656 lp_ctx = setup_lp_context(talloc_tos());
3658 init_globals(lp_ctx, initialize_globals);
3660 free_file_list();
3662 if (save_defaults) {
3663 init_locals();
3664 lp_save_defaults();
3667 if (!initialize_globals) {
3668 free_param_opts(&Globals.param_opt);
3669 apply_lp_set_cmdline();
3672 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3674 /* We get sections first, so have to start 'behind' to make up */
3675 iServiceIndex = -1;
3677 if (lp_config_backend_is_file()) {
3678 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3679 current_user_info.domain,
3680 pszFname);
3681 if (!n2) {
3682 smb_panic("lp_load_ex: out of memory");
3685 add_to_file_list(NULL, &file_lists, pszFname, n2);
3687 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3688 TALLOC_FREE(n2);
3690 /* finish up the last section */
3691 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3692 if (bRetval) {
3693 if (iServiceIndex >= 0) {
3694 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3698 if (lp_config_backend_is_registry()) {
3699 bool ok;
3700 /* config backend changed to registry in config file */
3702 * We need to use this extra global variable here to
3703 * survive restart: init_globals uses this as a default
3704 * for config_backend. Otherwise, init_globals would
3705 * send us into an endless loop here.
3708 config_backend = CONFIG_BACKEND_REGISTRY;
3709 /* start over */
3710 DEBUG(1, ("lp_load_ex: changing to config backend "
3711 "registry\n"));
3712 init_globals(lp_ctx, true);
3714 TALLOC_FREE(lp_ctx);
3716 lp_kill_all_services();
3717 ok = lp_load_ex(pszFname, global_only, save_defaults,
3718 add_ipc, initialize_globals,
3719 allow_include_registry,
3720 load_all_shares);
3721 TALLOC_FREE(frame);
3722 return ok;
3724 } else if (lp_config_backend_is_registry()) {
3725 bRetval = process_registry_globals();
3726 } else {
3727 DEBUG(0, ("Illegal config backend given: %d\n",
3728 lp_config_backend()));
3729 bRetval = false;
3732 if (bRetval && lp_registry_shares()) {
3733 if (load_all_shares) {
3734 bRetval = process_registry_shares();
3735 } else {
3736 bRetval = reload_registry_shares();
3741 char *serv = lp_auto_services(talloc_tos());
3742 lp_add_auto_services(serv);
3743 TALLOC_FREE(serv);
3746 if (add_ipc) {
3747 /* When 'restrict anonymous = 2' guest connections to ipc$
3748 are denied */
3749 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3750 if ( lp_enable_asu_support() ) {
3751 lp_add_ipc("ADMIN$", false);
3755 set_allowed_client_auth();
3757 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3758 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3759 lp_password_server()));
3762 bLoaded = true;
3764 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3765 /* if we_are_a_wins_server is true and we are in the client */
3766 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3767 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3770 init_iconv();
3772 fault_configure(smb_panic_s3);
3775 * We run this check once the whole smb.conf is parsed, to
3776 * force some settings for the standard way a AD DC is
3777 * operated. We may changed these as our code evolves, which
3778 * is why we force these settings.
3780 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3781 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
3783 lp_do_parameter(-1, "winbindd:use external pipes", "true");
3785 lp_do_parameter(-1, "rpc_server:default", "external");
3786 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
3787 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
3788 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
3789 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
3790 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
3791 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
3792 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
3793 lp_do_parameter(-1, "rpc_server:tcpip", "no");
3796 bAllowIncludeRegistry = true;
3798 TALLOC_FREE(frame);
3799 return (bRetval);
3802 bool lp_load(const char *pszFname,
3803 bool global_only,
3804 bool save_defaults,
3805 bool add_ipc,
3806 bool initialize_globals)
3808 return lp_load_ex(pszFname,
3809 global_only,
3810 save_defaults,
3811 add_ipc,
3812 initialize_globals,
3813 true, /* allow_include_registry */
3814 false); /* load_all_shares*/
3817 bool lp_load_initial_only(const char *pszFname)
3819 return lp_load_ex(pszFname,
3820 true, /* global only */
3821 false, /* save_defaults */
3822 false, /* add_ipc */
3823 true, /* initialize_globals */
3824 false, /* allow_include_registry */
3825 false); /* load_all_shares*/
3829 * most common lp_load wrapper, loading only the globals
3831 bool lp_load_global(const char *file_name)
3833 return lp_load(file_name,
3834 true, /* global_only */
3835 false, /* save_defaults */
3836 false, /* add_ipc */
3837 true); /* initialize_globals */
3841 * The typical lp_load wrapper with shares, loads global and
3842 * shares, including IPC, but does not force immediate
3843 * loading of all shares from registry.
3845 bool lp_load_with_shares(const char *file_name)
3847 return lp_load(file_name,
3848 false, /* global_only */
3849 false, /* save_defaults */
3850 true, /* add_ipc */
3851 true); /* initialize_globals */
3855 * lp_load wrapper, especially for clients
3857 bool lp_load_client(const char *file_name)
3859 lp_set_in_client(true);
3861 return lp_load_global(file_name);
3865 * lp_load wrapper, loading only globals, but intended
3866 * for subsequent calls, not reinitializing the globals
3867 * to default values
3869 bool lp_load_global_no_reinit(const char *file_name)
3871 return lp_load(file_name,
3872 true, /* global_only */
3873 false, /* save_defaults */
3874 false, /* add_ipc */
3875 false); /* initialize_globals */
3879 * lp_load wrapper, especially for clients, no reinitialization
3881 bool lp_load_client_no_reinit(const char *file_name)
3883 lp_set_in_client(true);
3885 return lp_load_global_no_reinit(file_name);
3888 bool lp_load_with_registry_shares(const char *pszFname,
3889 bool global_only,
3890 bool save_defaults,
3891 bool add_ipc,
3892 bool initialize_globals)
3894 return lp_load_ex(pszFname,
3895 global_only,
3896 save_defaults,
3897 add_ipc,
3898 initialize_globals,
3899 true, /* allow_include_registry */
3900 true); /* load_all_shares*/
3903 /***************************************************************************
3904 Return the max number of services.
3905 ***************************************************************************/
3907 int lp_numservices(void)
3909 return (iNumServices);
3912 /***************************************************************************
3913 Display the contents of the services array in human-readable form.
3914 ***************************************************************************/
3916 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3918 int iService;
3919 struct loadparm_context *lp_ctx;
3921 if (show_defaults)
3922 defaults_saved = false;
3924 lp_ctx = setup_lp_context(talloc_tos());
3925 if (lp_ctx == NULL) {
3926 return;
3929 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3931 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3933 for (iService = 0; iService < maxtoprint; iService++) {
3934 fprintf(f,"\n");
3935 lp_dump_one(f, show_defaults, iService);
3939 /***************************************************************************
3940 Display the contents of one service in human-readable form.
3941 ***************************************************************************/
3943 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3945 if (VALID(snum)) {
3946 if (ServicePtrs[snum]->szService[0] == '\0')
3947 return;
3948 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3949 flags_list, show_defaults);
3953 /***************************************************************************
3954 Return the number of the service with the given name, or -1 if it doesn't
3955 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3956 getservicebyname()! This works ONLY if all services have been loaded, and
3957 does not copy the found service.
3958 ***************************************************************************/
3960 int lp_servicenumber(const char *pszServiceName)
3962 int iService;
3963 fstring serviceName;
3965 if (!pszServiceName) {
3966 return GLOBAL_SECTION_SNUM;
3969 for (iService = iNumServices - 1; iService >= 0; iService--) {
3970 if (VALID(iService) && ServicePtrs[iService]->szService) {
3972 * The substitution here is used to support %U in
3973 * service names
3975 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3976 standard_sub_basic(get_current_username(),
3977 current_user_info.domain,
3978 serviceName,sizeof(serviceName));
3979 if (strequal(serviceName, pszServiceName)) {
3980 break;
3985 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3986 struct timespec last_mod;
3988 if (!usershare_exists(iService, &last_mod)) {
3989 /* Remove the share security tdb entry for it. */
3990 delete_share_security(lp_servicename(talloc_tos(), iService));
3991 /* Remove it from the array. */
3992 free_service_byindex(iService);
3993 /* Doesn't exist anymore. */
3994 return GLOBAL_SECTION_SNUM;
3997 /* Has it been modified ? If so delete and reload. */
3998 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3999 &last_mod) < 0) {
4000 /* Remove it from the array. */
4001 free_service_byindex(iService);
4002 /* and now reload it. */
4003 iService = load_usershare_service(pszServiceName);
4007 if (iService < 0) {
4008 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4009 return GLOBAL_SECTION_SNUM;
4012 return (iService);
4015 /*******************************************************************
4016 A useful volume label function.
4017 ********************************************************************/
4019 const char *volume_label(TALLOC_CTX *ctx, int snum)
4021 char *ret;
4022 const char *label = lp_volume(ctx, snum);
4023 if (!*label) {
4024 label = lp_servicename(ctx, snum);
4027 /* This returns a 33 byte guarenteed null terminated string. */
4028 ret = talloc_strndup(ctx, label, 32);
4029 if (!ret) {
4030 return "";
4032 return ret;
4035 /*******************************************************************
4036 Get the default server type we will announce as via nmbd.
4037 ********************************************************************/
4039 int lp_default_server_announce(void)
4041 int default_server_announce = 0;
4042 default_server_announce |= SV_TYPE_WORKSTATION;
4043 default_server_announce |= SV_TYPE_SERVER;
4044 default_server_announce |= SV_TYPE_SERVER_UNIX;
4046 /* note that the flag should be set only if we have a
4047 printer service but nmbd doesn't actually load the
4048 services so we can't tell --jerry */
4050 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4052 default_server_announce |= SV_TYPE_SERVER_NT;
4053 default_server_announce |= SV_TYPE_NT;
4055 switch (lp_server_role()) {
4056 case ROLE_DOMAIN_MEMBER:
4057 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4058 break;
4059 case ROLE_DOMAIN_PDC:
4060 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4061 break;
4062 case ROLE_DOMAIN_BDC:
4063 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4064 break;
4065 case ROLE_STANDALONE:
4066 default:
4067 break;
4069 if (lp_time_server())
4070 default_server_announce |= SV_TYPE_TIME_SOURCE;
4072 if (lp_host_msdfs())
4073 default_server_announce |= SV_TYPE_DFS_SERVER;
4075 return default_server_announce;
4078 /***********************************************************
4079 If we are PDC then prefer us as DMB
4080 ************************************************************/
4082 bool lp_domain_master(void)
4084 if (Globals._domain_master == Auto)
4085 return (lp_server_role() == ROLE_DOMAIN_PDC);
4087 return (bool)Globals._domain_master;
4090 /***********************************************************
4091 If we are PDC then prefer us as DMB
4092 ************************************************************/
4094 static bool lp_domain_master_true_or_auto(void)
4096 if (Globals._domain_master) /* auto or yes */
4097 return true;
4099 return false;
4102 /***********************************************************
4103 If we are DMB then prefer us as LMB
4104 ************************************************************/
4106 bool lp_preferred_master(void)
4108 if (Globals.iPreferredMaster == Auto)
4109 return (lp_local_master() && lp_domain_master());
4111 return (bool)Globals.iPreferredMaster;
4114 /*******************************************************************
4115 Remove a service.
4116 ********************************************************************/
4118 void lp_remove_service(int snum)
4120 ServicePtrs[snum]->valid = false;
4123 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4125 const char *ret = lp__printername(ctx, snum);
4126 if (ret == NULL || *ret == '\0') {
4127 ret = lp_const_servicename(snum);
4130 return ret;
4134 /***********************************************************
4135 Allow daemons such as winbindd to fix their logfile name.
4136 ************************************************************/
4138 void lp_set_logfile(const char *name)
4140 string_set(Globals.ctx, &Globals.logfile, name);
4141 debug_set_logfile(name);
4144 /*******************************************************************
4145 Return the max print jobs per queue.
4146 ********************************************************************/
4148 int lp_maxprintjobs(int snum)
4150 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4151 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4152 maxjobs = PRINT_MAX_JOBID - 1;
4154 return maxjobs;
4157 const char *lp_printcapname(void)
4159 if ((Globals.szPrintcapname != NULL) &&
4160 (Globals.szPrintcapname[0] != '\0'))
4161 return Globals.szPrintcapname;
4163 if (sDefault.printing == PRINT_CUPS) {
4164 return "cups";
4167 if (sDefault.printing == PRINT_BSD)
4168 return "/etc/printcap";
4170 return PRINTCAP_NAME;
4173 static uint32 spoolss_state;
4175 bool lp_disable_spoolss( void )
4177 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4178 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4180 return spoolss_state == SVCCTL_STOPPED ? true : false;
4183 void lp_set_spoolss_state( uint32 state )
4185 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4187 spoolss_state = state;
4190 uint32 lp_get_spoolss_state( void )
4192 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4195 /*******************************************************************
4196 Ensure we don't use sendfile if server smb signing is active.
4197 ********************************************************************/
4199 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4201 bool sign_active = false;
4203 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4204 if (get_Protocol() < PROTOCOL_NT1) {
4205 return false;
4207 if (signing_state) {
4208 sign_active = smb_signing_is_active(signing_state);
4210 return (lp__use_sendfile(snum) &&
4211 (get_remote_arch() != RA_WIN95) &&
4212 !sign_active);
4215 /*******************************************************************
4216 Turn off sendfile if we find the underlying OS doesn't support it.
4217 ********************************************************************/
4219 void set_use_sendfile(int snum, bool val)
4221 if (LP_SNUM_OK(snum))
4222 ServicePtrs[snum]->_use_sendfile = val;
4223 else
4224 sDefault._use_sendfile = val;
4227 /*******************************************************************
4228 Turn off storing DOS attributes if this share doesn't support it.
4229 ********************************************************************/
4231 void set_store_dos_attributes(int snum, bool val)
4233 if (!LP_SNUM_OK(snum))
4234 return;
4235 ServicePtrs[(snum)]->store_dos_attributes = val;
4238 void lp_set_mangling_method(const char *new_method)
4240 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4243 /*******************************************************************
4244 Global state for POSIX pathname processing.
4245 ********************************************************************/
4247 static bool posix_pathnames;
4249 bool lp_posix_pathnames(void)
4251 return posix_pathnames;
4254 /*******************************************************************
4255 Change everything needed to ensure POSIX pathname processing (currently
4256 not much).
4257 ********************************************************************/
4259 void lp_set_posix_pathnames(void)
4261 posix_pathnames = true;
4264 /*******************************************************************
4265 Global state for POSIX lock processing - CIFS unix extensions.
4266 ********************************************************************/
4268 bool posix_default_lock_was_set;
4269 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4271 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4273 if (posix_default_lock_was_set) {
4274 return posix_cifsx_locktype;
4275 } else {
4276 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4280 /*******************************************************************
4281 ********************************************************************/
4283 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4285 posix_default_lock_was_set = true;
4286 posix_cifsx_locktype = val;
4289 int lp_min_receive_file_size(void)
4291 if (Globals.iminreceivefile < 0) {
4292 return 0;
4294 return Globals.iminreceivefile;
4297 /*******************************************************************
4298 Safe wide links checks.
4299 This helper function always verify the validity of wide links,
4300 even after a configuration file reload.
4301 ********************************************************************/
4303 static bool lp_widelinks_internal(int snum)
4305 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4306 sDefault.bWidelinks);
4309 void widelinks_warning(int snum)
4311 if (lp_allow_insecure_wide_links()) {
4312 return;
4315 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4316 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4317 "These parameters are incompatible. "
4318 "Wide links will be disabled for this share.\n",
4319 lp_servicename(talloc_tos(), snum) ));
4323 bool lp_widelinks(int snum)
4325 /* wide links is always incompatible with unix extensions */
4326 if (lp_unix_extensions()) {
4328 * Unless we have "allow insecure widelinks"
4329 * turned on.
4331 if (!lp_allow_insecure_wide_links()) {
4332 return false;
4336 return lp_widelinks_internal(snum);
4339 int lp_server_role(void)
4341 return lp_find_server_role(lp__server_role(),
4342 lp__security(),
4343 lp__domain_logons(),
4344 lp_domain_master_true_or_auto());
4347 int lp_security(void)
4349 return lp_find_security(lp__server_role(),
4350 lp__security());
4353 int lp_client_max_protocol(void)
4355 int client_max_protocol = lp__client_max_protocol();
4356 if (client_max_protocol == PROTOCOL_DEFAULT) {
4357 return PROTOCOL_NT1;
4359 return client_max_protocol;
4362 int lp_winbindd_max_protocol(void)
4364 int client_max_protocol = lp__client_max_protocol();
4365 if (client_max_protocol == PROTOCOL_DEFAULT) {
4366 return PROTOCOL_LATEST;
4368 return client_max_protocol;
4371 struct loadparm_global * get_globals(void)
4373 return &Globals;
4376 unsigned int * get_flags(void)
4378 if (flags_list == NULL) {
4379 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
4382 return flags_list;