diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-08-22 21:01:16 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-08-23 15:02:26 +0200 |
| commit | 8c71dc3505ab83ce95ab40a56f77313c4448be16 (patch) | |
| tree | 2b05134a58d1f78afde52fdc81a95c69b5691135 | |
| parent | 332efe1539d83c0971f151f902f234e5a8bf0690 (diff) | |
| download | samba-8c71dc3505ab83ce95ab40a56f77313c4448be16.tar.gz | |
param: Add startup checks for valid server role/binary combinations
This should eliminate confusion from our users about what they can
expect to successfully run.
Andrew Bartlett
| -rw-r--r-- | file_server/file_server.c | 1 | ||||
| -rw-r--r-- | source3/nmbd/nmbd.c | 10 | ||||
| -rw-r--r-- | source3/smbd/server.c | 7 | ||||
| -rw-r--r-- | source3/winbindd/winbindd.c | 6 | ||||
| -rw-r--r-- | source4/smbd/server.c | 11 |
5 files changed, 35 insertions, 0 deletions
diff --git a/file_server/file_server.c b/file_server/file_server.c index 448894ecbda..b6f73824f6c 100644 --- a/file_server/file_server.c +++ b/file_server/file_server.c @@ -50,6 +50,7 @@ static const char *generate_smb_conf(struct task_server *task) fdprintf(fd, "[globals]\n"); fdprintf(fd, "# auto-generated config for fileserver\n"); + fdprintf(fd, "server role check:inhibit=yes\n"); fdprintf(fd, "passdb backend = samba4\n"); fdprintf(fd, "rpc_server:default = external\n"); fdprintf(fd, "rpc_server:svcctl = embedded\n"); diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c index 1728bb9c5a1..d4df2020d5c 100644 --- a/source3/nmbd/nmbd.c +++ b/source3/nmbd/nmbd.c @@ -888,6 +888,16 @@ static bool open_sockets(bool isdaemon, int port) exit(1); } + if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC + && !lp_parm_bool(-1, "server role check", "inhibit", false)) { + /* TODO: when we have a merged set of defaults for + * loadparm, we could possibly check if the internal + * nbt server is in the list, and allow a startup if disabled */ + DEBUG(0, ("server role = 'active directory domain controller' not compatible with running nmbd standalone. \n")); + DEBUGADD(0, ("You should start 'samba' instead, and it will control starting the internal nbt server\n")); + exit(1); + } + msg = messaging_init(NULL, server_event_context()); if (msg == NULL) { return 1; diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 6abf8ccaeb3..d53b19a57f3 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -1227,6 +1227,13 @@ extern void build_options(bool screen); exit(1); } + if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC + && !lp_parm_bool(-1, "server role check", "inhibit", false)) { + DEBUG(0, ("server role = 'active directory domain controller' not compatible with running smbd standalone. \n")); + DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n")); + exit(1); + } + /* ...NOTE... Log files are working from this point! */ DEBUG(3,("loaded services\n")); diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index c43b5859e22..eab62a7028f 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -1406,6 +1406,12 @@ int main(int argc, char **argv, char **envp) */ dump_core_setup("winbindd", lp_logfile(talloc_tos())); + if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) { + DEBUG(0, ("server role = 'active directory domain controller' not compatible with running the winbindd binary. \n")); + DEBUGADD(0, ("You should start 'samba' instead, and it will control starting the internal AD DC winbindd implementation, which is not the same as this one\n")); + exit(1); + } + /* Initialise messaging system */ if (winbind_messaging_context() == NULL) { diff --git a/source4/smbd/server.c b/source4/smbd/server.c index f3405a7c2ac..b3d8ae5f5da 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -453,6 +453,17 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ discard_const(binary_name)); } + if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC + && !lpcfg_parm_bool(cmdline_lp_ctx, NULL, "server role check", "inhibit", false) + && !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb") + && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "remote") + && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "mapiproxy")) { + DEBUG(0, ("At this time the 'samba' binary should only be used for either:\n")); + DEBUGADD(0, ("'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'\n")); + DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks\n")); + exit(1); + }; + prime_ldb_databases(event_ctx); status = setup_parent_messaging(event_ctx, cmdline_lp_ctx); |