Changeset 988 for vendor/current/source3/utils/testparm.c
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- File:
-
- 1 edited
-
vendor/current/source3/utils/testparm.c (modified) (22 diffs)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source3/utils/testparm.c
r740 r988 35 35 #include "system/filesys.h" 36 36 #include "popt_common.h" 37 #include "lib/param/loadparm.h" 37 38 38 39 /******************************************************************* … … 40 41 ********************************************************************/ 41 42 42 static bool directory_exist_stat(c har *dname,SMB_STRUCT_STAT *st)43 static bool directory_exist_stat(const char *dname,SMB_STRUCT_STAT *st) 43 44 { 44 45 SMB_STRUCT_STAT st2; … … 66 67 int ret = 0; 67 68 SMB_STRUCT_STAT st; 68 69 if (lp_security() >= SEC_DOMAIN && !lp_encrypted_passwords()) { 70 fprintf(stderr, "ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must always be set to 'true'.\n"); 71 ret = 1; 72 } 73 74 if (lp_wins_support() && lp_wins_server_list()) { 75 fprintf(stderr, "ERROR: both 'wins support = true' and 'wins server = <server list>' \ 76 cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); 77 ret = 1; 78 } 79 80 if (strequal(lp_workgroup(), global_myname())) { 81 fprintf(stderr, "WARNING: 'workgroup' and 'netbios name' " \ 82 "must differ.\n"); 83 ret = 1; 84 } 85 86 if (!directory_exist_stat(lp_lockdir(), &st)) { 87 fprintf(stderr, "ERROR: lock directory %s does not exist\n", 88 lp_lockdir()); 69 const char *socket_options; 70 71 if (lp_security() >= SEC_DOMAIN && !lp_encrypt_passwords()) { 72 fprintf(stderr, "ERROR: in 'security=domain' mode the " 73 "'encrypt passwords' parameter must always be " 74 "set to 'true'.\n\n"); 75 ret = 1; 76 } 77 78 if (lp_we_are_a_wins_server() && lp_wins_server_list()) { 79 fprintf(stderr, "ERROR: both 'wins support = true' and " 80 "'wins server = <server list>' cannot be set in " 81 "the smb.conf file. nmbd will abort with this " 82 "setting.\n\n"); 83 ret = 1; 84 } 85 86 if (strequal(lp_workgroup(), lp_netbios_name())) { 87 fprintf(stderr, "WARNING: 'workgroup' and 'netbios name' " 88 "must differ.\n\n"); 89 } 90 91 if (strlen(lp_netbios_name()) > 15) { 92 fprintf(stderr, "WARNING: The 'netbios name' is too long " 93 "(max. 15 chars).\n\n"); 94 } 95 96 if (!directory_exist_stat(lp_lock_directory(), &st)) { 97 fprintf(stderr, "ERROR: lock directory %s does not exist\n\n", 98 lp_lock_directory()); 89 99 ret = 1; 90 100 } else if ((st.st_ex_mode & 0777) != 0755) { 91 fprintf(stderr, "WARNING: lock directory %s should have permissions 0755 for browsing to work\n",92 lp_lockdir());93 ret = 1;94 } 95 96 if (!directory_exist_stat(lp_state dir(), &st)) {97 fprintf(stderr, "ERROR: state directory %s does not exist\n ",98 lp_state dir());101 fprintf(stderr, "WARNING: lock directory %s should have " 102 "permissions 0755 for browsing to work\n\n", 103 lp_lock_directory()); 104 } 105 106 if (!directory_exist_stat(lp_state_directory(), &st)) { 107 fprintf(stderr, "ERROR: state directory %s does not exist\n\n", 108 lp_state_directory()); 99 109 ret = 1; 100 110 } else if ((st.st_ex_mode & 0777) != 0755) { 101 fprintf(stderr, "WARNING: state directory %s should have permissions 0755 for browsing to work\n",102 lp_statedir());103 ret = 1;104 } 105 106 if (!directory_exist_stat(lp_cache dir(), &st)) {107 fprintf(stderr, "ERROR: cache directory %s does not exist\n ",108 lp_cache dir());111 fprintf(stderr, "WARNING: state directory %s should have " 112 "permissions 0755 for browsing to work\n\n", 113 lp_state_directory()); 114 } 115 116 if (!directory_exist_stat(lp_cache_directory(), &st)) { 117 fprintf(stderr, "ERROR: cache directory %s does not exist\n\n", 118 lp_cache_directory()); 109 119 ret = 1; 110 120 } else if ((st.st_ex_mode & 0777) != 0755) { 111 fprintf(stderr, "WARNING: cache directory %s should have permissions 0755 for browsing to work\n",112 lp_cachedir());113 ret = 1;114 } 115 116 if (!directory_exist_stat(lp_pid dir(), &st)) {117 fprintf(stderr, "ERROR: pid directory %s does not exist\n ",118 lp_pid dir());121 fprintf(stderr, "WARNING: cache directory %s should have " 122 "permissions 0755 for browsing to work\n\n", 123 lp_cache_directory()); 124 } 125 126 if (!directory_exist_stat(lp_pid_directory(), &st)) { 127 fprintf(stderr, "ERROR: pid directory %s does not exist\n\n", 128 lp_pid_directory()); 119 129 ret = 1; 120 130 } … … 122 132 if (lp_passdb_expand_explicit()) { 123 133 fprintf(stderr, "WARNING: passdb expand explicit = yes is " 124 "deprecated\n"); 134 "deprecated\n\n"); 135 } 136 137 /* 138 * Socket options. 139 */ 140 socket_options = lp_socket_options(); 141 if (socket_options != NULL && 142 (strstr(socket_options, "SO_SNDBUF") || 143 strstr(socket_options, "SO_RCVBUF") || 144 strstr(socket_options, "SO_SNDLOWAT") || 145 strstr(socket_options, "SO_RCVLOWAT"))) 146 { 147 fprintf(stderr, 148 "WARNING: socket options = %s\n" 149 "This warning is printed because you set one of the\n" 150 "following options: SO_SNDBUF, SO_RCVBUF, SO_SNDLOWAT,\n" 151 "SO_RCVLOWAT\n" 152 "Modern server operating systems are tuned for\n" 153 "high network performance in the majority of situations;\n" 154 "when you set 'socket options' you are overriding those\n" 155 "settings.\n" 156 "Linux in particular has an auto-tuning mechanism for\n" 157 "buffer sizes (SO_SNDBUF, SO_RCVBUF) that will be\n" 158 "disabled if you specify a socket buffer size. This can\n" 159 "potentially cripple your TCP/IP stack.\n\n" 160 "Getting the 'socket options' correct can make a big\n" 161 "difference to your performance, but getting them wrong\n" 162 "can degrade it by just as much. As with any other low\n" 163 "level setting, if you must make changes to it, make\n " 164 "small changes and test the effect before making any\n" 165 "large changes.\n\n", 166 socket_options); 125 167 } 126 168 … … 129 171 */ 130 172 131 if((lp_security() == SEC_SERVER || lp_security() >= SEC_DOMAIN) && !*lp_passwordserver()) { 132 const char *sec_setting; 133 if(lp_security() == SEC_SERVER) 134 sec_setting = "server"; 135 else if(lp_security() == SEC_DOMAIN) 136 sec_setting = "domain"; 137 else if(lp_security() == SEC_ADS) 138 sec_setting = "ads"; 139 else 140 sec_setting = ""; 141 142 fprintf(stderr, "ERROR: The setting 'security=%s' requires the 'password server' parameter be set\n" 143 "to the default value * or a valid password server.\n", sec_setting ); 144 ret = 1; 145 } 146 147 if((lp_security() >= SEC_DOMAIN) && (strcmp(lp_passwordserver(), "*") != 0)) { 173 if((lp_security() >= SEC_DOMAIN) && !*lp_password_server()) { 148 174 const char *sec_setting; 149 175 if(lp_security() == SEC_DOMAIN) … … 154 180 sec_setting = ""; 155 181 156 fprintf(stderr, "WARNING: The setting 'security=%s' should NOT be combined with the 'password server' parameter.\n" 157 "(by default Samba will discover the correct DC to contact automatically).\n", sec_setting ); 182 fprintf(stderr, "ERROR: The setting 'security=%s' requires the " 183 "'password server' parameter be set to the " 184 "default value * or a valid password server.\n\n", 185 sec_setting ); 186 ret = 1; 187 } 188 189 if((lp_security() >= SEC_DOMAIN) && (strcmp(lp_password_server(), "*") != 0)) { 190 const char *sec_setting; 191 if(lp_security() == SEC_DOMAIN) 192 sec_setting = "domain"; 193 else if(lp_security() == SEC_ADS) 194 sec_setting = "ads"; 195 else 196 sec_setting = ""; 197 198 fprintf(stderr, "WARNING: The setting 'security=%s' should NOT " 199 "be combined with the 'password server' " 200 "parameter.\n" 201 "(by default Samba will discover the correct DC " 202 "to contact automatically).\n\n", 203 sec_setting ); 158 204 } 159 205 … … 172 218 #endif 173 219 174 if((lp_passwd_program( ) == NULL) ||175 (strlen(lp_passwd_program( )) == 0))220 if((lp_passwd_program(talloc_tos()) == NULL) || 221 (strlen(lp_passwd_program(talloc_tos())) == 0)) 176 222 { 177 fprintf( stderr, "ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd program' \ 178 parameter.\n" ); 223 fprintf(stderr, 224 "ERROR: the 'unix password sync' " 225 "parameter is set and there is no valid " 226 "'passwd program' parameter.\n\n"); 179 227 ret = 1; 180 228 } else { … … 183 231 const char *p; 184 232 185 passwd_prog = lp_passwd_program( );233 passwd_prog = lp_passwd_program(talloc_tos()); 186 234 p = passwd_prog; 187 235 next_token_talloc(talloc_tos(), … … 189 237 &truncated_prog, NULL); 190 238 if (truncated_prog && access(truncated_prog, F_OK) == -1) { 191 fprintf(stderr, "ERROR: the 'unix password sync' parameter is set and the 'passwd program' (%s) \ 192 cannot be executed (error was %s).\n", truncated_prog, strerror(errno) ); 239 fprintf(stderr, 240 "ERROR: the 'unix password sync' " 241 "parameter is set and the " 242 "'passwd program' (%s) cannot be " 243 "executed (error was %s).\n\n", 244 truncated_prog, 245 strerror(errno)); 193 246 ret = 1; 194 247 } … … 199 252 #endif 200 253 201 if(lp_passwd_chat() == NULL) { 202 fprintf(stderr, "ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd chat' \ 203 parameter.\n"); 254 if(lp_passwd_chat(talloc_tos()) == NULL) { 255 fprintf(stderr, 256 "ERROR: the 'unix password sync' parameter is " 257 "set and there is no valid 'passwd chat' " 258 "parameter.\n\n"); 204 259 ret = 1; 205 260 } 206 261 207 if ((lp_passwd_program( ) != NULL) &&208 (strlen(lp_passwd_program( )) > 0))262 if ((lp_passwd_program(talloc_tos()) != NULL) && 263 (strlen(lp_passwd_program(talloc_tos())) > 0)) 209 264 { 210 265 /* check if there's a %u parameter present */ 211 if(strstr_m(lp_passwd_program(), "%u") == NULL) { 212 fprintf(stderr, "ERROR: the 'passwd program' (%s) requires a '%%u' parameter.\n", lp_passwd_program()); 266 if(strstr_m(lp_passwd_program(talloc_tos()), "%u") == NULL) { 267 fprintf(stderr, 268 "ERROR: the 'passwd program' (%s) " 269 "requires a '%%u' parameter.\n\n", 270 lp_passwd_program(talloc_tos())); 213 271 ret = 1; 214 272 } … … 220 278 */ 221 279 222 if(lp_encrypted_passwords()) { 223 if(strstr_m( lp_passwd_chat(), "%o")!=NULL) { 224 fprintf(stderr, "ERROR: the 'passwd chat' script [%s] expects to use the old plaintext password \ 225 via the %%o substitution. With encrypted passwords this is not possible.\n", lp_passwd_chat() ); 280 if(lp_encrypt_passwords()) { 281 if(strstr_m( lp_passwd_chat(talloc_tos()), "%o")!=NULL) { 282 fprintf(stderr, 283 "ERROR: the 'passwd chat' script [%s] " 284 "expects to use the old plaintext " 285 "password via the %%o substitution. With " 286 "encrypted passwords this is not " 287 "possible.\n\n", 288 lp_passwd_chat(talloc_tos()) ); 226 289 ret = 1; 227 290 } … … 230 293 231 294 if (strlen(lp_winbind_separator()) != 1) { 232 fprintf(stderr,"ERROR: the 'winbind separator' parameter must be a single character.\n"); 295 fprintf(stderr, "ERROR: the 'winbind separator' parameter must " 296 "be a single character.\n\n"); 233 297 ret = 1; 234 298 } 235 299 236 300 if (*lp_winbind_separator() == '+') { 237 fprintf(stderr,"'winbind separator = +' might cause problems with group membership.\n"); 301 fprintf(stderr, "'winbind separator = +' might cause problems " 302 "with group membership.\n\n"); 238 303 } 239 304 … … 241 306 /* Try to prevent admin foot-shooting, we can't put algorithmic 242 307 rids below 1000, that's the 'well known RIDs' on NT */ 243 fprintf(stderr,"'algorithmic rid base' must be equal to or above %lu\n", BASE_RID); 308 fprintf(stderr, "'algorithmic rid base' must be equal to or " 309 "above %lu\n\n", BASE_RID); 244 310 } 245 311 246 312 if (lp_algorithmic_rid_base() & 1) { 247 fprintf(stderr, "'algorithmic rid base' must be even.\n");313 fprintf(stderr, "'algorithmic rid base' must be even.\n\n"); 248 314 } 249 315 250 316 #ifndef HAVE_DLOPEN 251 317 if (lp_preload_modules()) { 252 fprintf(stderr,"WARNING: 'preload modules = ' set while loading plugins not supported.\n"); 318 fprintf(stderr, "WARNING: 'preload modules = ' set while loading " 319 "plugins not supported.\n\n"); 253 320 } 254 321 #endif 255 322 256 323 if (!lp_passdb_backend()) { 257 fprintf(stderr,"ERROR: passdb backend must have a value or be left out\n"); 324 fprintf(stderr, "ERROR: passdb backend must have a value or be " 325 "left out\n\n"); 258 326 } 259 327 260 328 if (lp_os_level() > 255) { 261 fprintf(stderr,"WARNING: Maximum value for 'os level' is 255!\n"); 329 fprintf(stderr, "WARNING: Maximum value for 'os level' is " 330 "255!\n\n"); 331 } 332 333 if (strequal(lp_dos_charset(), "UTF8") || strequal(lp_dos_charset(), "UTF-8")) { 334 fprintf(stderr, "ERROR: 'dos charset' must not be UTF8\n\n"); 335 ret = 1; 262 336 } 263 337 … … 270 344 static void do_per_share_checks(int s) 271 345 { 272 const char **deny_list = lp_hosts deny(s);273 const char **allow_list = lp_hosts allow(s);346 const char **deny_list = lp_hosts_deny(s); 347 const char **allow_list = lp_hosts_allow(s); 274 348 int i; 275 349 … … 279 353 char *hasquery = strchr_m(deny_list[i], '?'); 280 354 if(hasstar || hasquery) { 281 fprintf(stderr,"Invalid character %c in hosts deny list (%s) for service %s.\n", 282 hasstar ? *hasstar : *hasquery, deny_list[i], lp_servicename(s) ); 355 fprintf(stderr, 356 "Invalid character %c in hosts deny list " 357 "(%s) for service %s.\n\n", 358 hasstar ? *hasstar : *hasquery, 359 deny_list[i], 360 lp_servicename(talloc_tos(), s)); 283 361 } 284 362 } … … 290 368 char *hasquery = strchr_m(allow_list[i], '?'); 291 369 if(hasstar || hasquery) { 292 fprintf(stderr,"Invalid character %c in hosts allow list (%s) for service %s.\n", 293 hasstar ? *hasstar : *hasquery, allow_list[i], lp_servicename(s) ); 370 fprintf(stderr, 371 "Invalid character %c in hosts allow " 372 "list (%s) for service %s.\n\n", 373 hasstar ? *hasstar : *hasquery, 374 allow_list[i], 375 lp_servicename(talloc_tos(), s)); 294 376 } 295 377 } … … 297 379 298 380 if(lp_level2_oplocks(s) && !lp_oplocks(s)) { 299 fprintf(stderr,"Invalid combination of parameters for service %s. \ 300 Level II oplocks can only be set if oplocks are also set.\n", 301 lp_servicename(s) ); 302 } 303 304 if (lp_map_hidden(s) && !(lp_create_mask(s) & S_IXOTH)) { 305 fprintf(stderr,"Invalid combination of parameters for service %s. \ 306 Map hidden can only work if create mask includes octal 01 (S_IXOTH).\n", 307 lp_servicename(s) ); 308 } 309 if (lp_map_hidden(s) && (lp_force_create_mode(s) & S_IXOTH)) { 310 fprintf(stderr,"Invalid combination of parameters for service %s. \ 311 Map hidden can only work if force create mode excludes octal 01 (S_IXOTH).\n", 312 lp_servicename(s) ); 313 } 314 if (lp_map_system(s) && !(lp_create_mask(s) & S_IXGRP)) { 315 fprintf(stderr,"Invalid combination of parameters for service %s. \ 316 Map system can only work if create mask includes octal 010 (S_IXGRP).\n", 317 lp_servicename(s) ); 318 } 319 if (lp_map_system(s) && (lp_force_create_mode(s) & S_IXGRP)) { 320 fprintf(stderr,"Invalid combination of parameters for service %s. \ 321 Map system can only work if force create mode excludes octal 010 (S_IXGRP).\n", 322 lp_servicename(s) ); 323 } 324 #ifdef HAVE_CUPS 325 if (lp_printing(s) == PRINT_CUPS && *(lp_printcommand(s)) != '\0') { 326 fprintf(stderr,"Warning: Service %s defines a print command, but \ 327 rameter is ignored when using CUPS libraries.\n", 328 lp_servicename(s) ); 329 } 330 #endif 381 fprintf(stderr, "Invalid combination of parameters for service " 382 "%s. Level II oplocks can only be set if oplocks " 383 "are also set.\n\n", 384 lp_servicename(talloc_tos(), s)); 385 } 386 387 if (!lp_store_dos_attributes(s) && lp_map_hidden(s) 388 && !(lp_create_mask(s) & S_IXOTH)) 389 { 390 fprintf(stderr, 391 "Invalid combination of parameters for service %s. Map " 392 "hidden can only work if create mask includes octal " 393 "01 (S_IXOTH).\n\n", 394 lp_servicename(talloc_tos(), s)); 395 } 396 if (!lp_store_dos_attributes(s) && lp_map_hidden(s) 397 && (lp_force_create_mode(s) & S_IXOTH)) 398 { 399 fprintf(stderr, 400 "Invalid combination of parameters for service " 401 "%s. Map hidden can only work if force create mode " 402 "excludes octal 01 (S_IXOTH).\n\n", 403 lp_servicename(talloc_tos(), s)); 404 } 405 if (!lp_store_dos_attributes(s) && lp_map_system(s) 406 && !(lp_create_mask(s) & S_IXGRP)) 407 { 408 fprintf(stderr, 409 "Invalid combination of parameters for service " 410 "%s. Map system can only work if create mask includes " 411 "octal 010 (S_IXGRP).\n\n", 412 lp_servicename(talloc_tos(), s)); 413 } 414 if (!lp_store_dos_attributes(s) && lp_map_system(s) 415 && (lp_force_create_mode(s) & S_IXGRP)) 416 { 417 fprintf(stderr, 418 "Invalid combination of parameters for service " 419 "%s. Map system can only work if force create mode " 420 "excludes octal 010 (S_IXGRP).\n\n", 421 lp_servicename(talloc_tos(), s)); 422 } 423 if (lp_printing(s) == PRINT_CUPS && *(lp_print_command(talloc_tos(), s)) != '\0') { 424 fprintf(stderr, 425 "Warning: Service %s defines a print command, but " 426 "parameter is ignored when using CUPS libraries.\n\n", 427 lp_servicename(talloc_tos(), s)); 428 } 331 429 } 332 430 … … 362 460 TALLOC_CTX *frame = talloc_stackframe(); 363 461 364 load_case_tables();462 smb_init_locale(); 365 463 /* 366 464 * Set the default debug level to 2. … … 399 497 fprintf(stderr,"Load smb config files from %s\n",config_file); 400 498 401 if (!lp_load_with_registry_shares(config_file ,False,True,False,True)) {499 if (!lp_load_with_registry_shares(config_file)) { 402 500 fprintf(stderr,"Error loading services.\n"); 403 501 ret = 1; … … 413 511 for (s=0;s<1000;s++) { 414 512 if (VALID_SNUM(s)) 415 if (strlen(lp_servicename( s)) > 12) {513 if (strlen(lp_servicename(talloc_tos(), s)) > 12) { 416 514 fprintf(stderr, "WARNING: You have some share names that are longer than 12 characters.\n" ); 417 515 fprintf(stderr, "These may not be accessible to some older clients.\n" ); … … 429 527 430 528 if (!section_name && !parameter_name) { 431 fprintf(stderr,"Server role: %s\n", server_role_str(lp_server_role())); 529 fprintf(stderr, 530 "Server role: %s\n\n", 531 server_role_str(lp_server_role())); 432 532 } 433 533 … … 475 575 for (s=0;s<1000;s++) { 476 576 if (VALID_SNUM(s)) { 477 if (allow_access(lp_hosts deny(-1), lp_hostsallow(-1), cname, caddr)478 && allow_access(lp_hosts deny(s), lp_hostsallow(s), cname, caddr)) {577 if (allow_access(lp_hosts_deny(-1), lp_hosts_allow(-1), cname, caddr) 578 && allow_access(lp_hosts_deny(s), lp_hosts_allow(s), cname, caddr)) { 479 579 fprintf(stderr,"Allow connection from %s (%s) to %s\n", 480 cname,caddr,lp_servicename( s));580 cname,caddr,lp_servicename(talloc_tos(), s)); 481 581 } else { 482 582 fprintf(stderr,"Deny connection from %s (%s) to %s\n", 483 cname,caddr,lp_servicename( s));583 cname,caddr,lp_servicename(talloc_tos(), s)); 484 584 } 485 585 }
Note:
See TracChangeset
for help on using the changeset viewer.
