Two patches to add self-checks, part 2 of 7
Dave Collier-Brown
davec-b at rogers.com
Fri Apr 11 23:05:08 GMT 2003
--
David Collier-Brown, | Always do right. This will gratify
Americas Customer Eng | some people and astonish the rest.
at Sun Canada | -- Mark Twain
(905) 415-2849 | davecb at spamcop.net
-------------- next part --------------
--- testparm.old.c Sun Apr 6 19:10:20 2003
+++ testparm.c Sun Apr 6 19:05:49 2003
@@ -37,148 +37,15 @@
extern BOOL AllowDebugChange;
/***********************************************
- Here we do a set of 'hard coded' checks for bad
- configuration settings.
+Here we formerly did a set of 'hard coded' checks for bad
+configuration settings, called do_global_checks(void).
+This is now done in loadparm, in globals_ok() -- Dave C-B
************************************************/
static int do_global_checks(void)
{
- int ret = 0;
- SMB_STRUCT_STAT st;
-
- if (lp_security() >= SEC_DOMAIN && !lp_encrypted_passwords()) {
- printf("ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must always be set to 'true'.\n");
- ret = 1;
- }
-
- if (lp_wins_support() && lp_wins_server_list()) {
- printf("ERROR: both 'wins support = true' and 'wins server = <server list>' \
-cannot be set in the smb.conf file. nmbd will abort with this setting.\n");
- ret = 1;
- }
-
- if (!directory_exist(lp_lockdir(), &st)) {
- printf("ERROR: lock directory %s does not exist\n",
- lp_lockdir());
- ret = 1;
- } else if ((st.st_mode & 0777) != 0755) {
- printf("WARNING: lock directory %s should have permissions 0755 for browsing to work\n",
- lp_lockdir());
- ret = 1;
- }
-
- if (!directory_exist(lp_piddir(), &st)) {
- printf("ERROR: pid directory %s does not exist\n",
- lp_piddir());
- ret = 1;
- }
-
- /*
- * Password server sanity checks.
- */
-
- if((lp_security() == SEC_SERVER || lp_security() >= SEC_DOMAIN) && !lp_passwordserver()) {
- pstring sec_setting;
- if(lp_security() == SEC_SERVER)
- pstrcpy(sec_setting, "server");
- else if(lp_security() == SEC_DOMAIN)
- pstrcpy(sec_setting, "domain");
-
- printf("ERROR: The setting 'security=%s' requires the 'password server' parameter be set \
-to a valid password server.\n", sec_setting );
- ret = 1;
- }
-
-
- /*
- * Check 'hosts equiv' and 'use rhosts' compatibility with 'hostname lookup' value.
- */
-
- if(*lp_hosts_equiv() && !lp_hostname_lookups()) {
- printf("ERROR: The setting 'hosts equiv = %s' requires that 'hostname lookups = yes'.\n", lp_hosts_equiv());
- ret = 1;
- }
-
- /*
- * Password chat sanity checks.
- */
-
- if(lp_security() == SEC_USER && lp_unix_password_sync()) {
-
- /*
- * Check that we have a valid lp_passwd_program() if not using pam.
- */
-
-#ifdef WITH_PAM
- if (!lp_pam_password_change()) {
-#endif
-
- if(lp_passwd_program() == NULL) {
- printf("ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd program' \
-parameter.\n" );
- ret = 1;
- } else {
- pstring passwd_prog;
- pstring truncated_prog;
- const char *p;
-
- pstrcpy( passwd_prog, lp_passwd_program());
- p = passwd_prog;
- *truncated_prog = '\0';
- next_token(&p, truncated_prog, NULL, sizeof(pstring));
-
- if(access(truncated_prog, F_OK) == -1) {
- printf("ERROR: the 'unix password sync' parameter is set and the 'passwd program' (%s) \
-cannot be executed (error was %s).\n", truncated_prog, strerror(errno) );
- ret = 1;
- }
- }
-
-#ifdef WITH_PAM
- }
-#endif
-
- if(lp_passwd_chat() == NULL) {
- printf("ERROR: the 'unix password sync' parameter is set and there is no valid 'passwd chat' \
-parameter.\n");
- ret = 1;
- }
-
- /*
- * Check that we have a valid script and that it hasn't
- * been written to expect the old password.
- */
-
- if(lp_encrypted_passwords()) {
- if(strstr( lp_passwd_chat(), "%o")!=NULL) {
- printf("ERROR: the 'passwd chat' script [%s] expects to use the old plaintext password \
-via the %%o substitution. With encrypted passwords this is not possible.\n", lp_passwd_chat() );
- ret = 1;
- }
- }
- }
-
- if (strlen(lp_winbind_separator()) != 1) {
- printf("ERROR: the 'winbind separator' parameter must be a single character.\n");
- ret = 1;
- }
-
- if (*lp_winbind_separator() == '+') {
- printf("'winbind separator = +' might cause problems with group membership.\n");
- }
-
- if (lp_algorithmic_rid_base() < BASE_RID) {
- /* Try to prevent admin foot-shooting, we can't put algorithmic
- rids below 1000, that's the 'well known RIDs' on NT */
- printf("'algorithmic rid base' must be equal to or above %lu\n", BASE_RID);
- }
-
- if (lp_algorithmic_rid_base() & 1) {
- printf("'algorithmic rid base' must be even.\n");
- }
-
- return ret;
-}
+ return 0;
+}
int main(int argc, const char *argv[])
{
More information about the samba-technical
mailing list