xref: /titanic_50/usr/src/lib/smbsrv/libsmb/common/smb_cfg.c (revision 613b28719c10e84c1202c1045df44d77767de21d)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"@(#)smb_cfg.c	1.5	08/07/08 SMI"
27 
28 /*
29  * CIFS configuration management library
30  */
31 
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <unistd.h>
35 #include <synch.h>
36 #include <string.h>
37 #include <strings.h>
38 #include <syslog.h>
39 #include <netdb.h>
40 #include <ctype.h>
41 #include <sys/types.h>
42 #include <libscf.h>
43 #include <assert.h>
44 #include <smbsrv/libsmb.h>
45 
46 typedef struct smb_cfg_param {
47 	smb_cfg_id_t sc_id;
48 	char *sc_name;
49 	int sc_type;
50 	uint32_t sc_flags;
51 } smb_cfg_param_t;
52 
53 /*
54  * config parameter flags
55  */
56 #define	SMB_CF_PROTECTED	0x01
57 
58 /* idmap SMF fmri and Property Group */
59 #define	IDMAP_FMRI_PREFIX		"system/idmap"
60 #define	MACHINE_SID			"machine_sid"
61 #define	IDMAP_DOMAIN			"domain_name"
62 #define	IDMAP_PG_NAME			"config"
63 
64 #define	SMB_SECMODE_WORKGRP_STR 	"workgroup"
65 #define	SMB_SECMODE_DOMAIN_STR  	"domain"
66 
67 #define	SMB_ENC_LEN	1024
68 #define	SMB_DEC_LEN	256
69 
70 static char *b64_data =
71 	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
72 
73 static smb_cfg_param_t smb_cfg_table[] =
74 {
75 	/* Oplock configuration, Kernel Only */
76 	{SMB_CI_OPLOCK_ENABLE, "oplock_enable", SCF_TYPE_BOOLEAN, 0},
77 
78 	/* Autohome configuration */
79 	{SMB_CI_AUTOHOME_MAP, "autohome_map", SCF_TYPE_ASTRING, 0},
80 
81 	/* Domain/PDC configuration */
82 	{SMB_CI_DOMAIN_SID, "domain_sid", SCF_TYPE_ASTRING, 0},
83 	{SMB_CI_DOMAIN_MEMB, "domain_member", SCF_TYPE_BOOLEAN, 0},
84 	{SMB_CI_DOMAIN_NAME, "domain_name", SCF_TYPE_ASTRING, 0},
85 	{SMB_CI_DOMAIN_SRV, "pdc", SCF_TYPE_ASTRING, 0},
86 
87 	/* WINS configuration */
88 	{SMB_CI_WINS_SRV1, "wins_server_1", SCF_TYPE_ASTRING, 0},
89 	{SMB_CI_WINS_SRV2, "wins_server_2", SCF_TYPE_ASTRING, 0},
90 	{SMB_CI_WINS_EXCL, "wins_exclude", SCF_TYPE_ASTRING, 0},
91 
92 	/* RPC services configuration */
93 	{SMB_CI_SRVSVC_SHRSET_ENABLE, "srvsvc_sharesetinfo_enable",
94 	    SCF_TYPE_BOOLEAN, 0},
95 	{SMB_CI_MLRPC_KALIVE, "mlrpc_keep_alive_interval",
96 	    SCF_TYPE_INTEGER, 0},
97 
98 	/* Kmod specific configuration */
99 	{SMB_CI_MAX_WORKERS, "max_workers", SCF_TYPE_INTEGER, 0},
100 	{SMB_CI_MAX_CONNECTIONS, "max_connections", SCF_TYPE_INTEGER, 0},
101 	{SMB_CI_KEEPALIVE, "keep_alive", SCF_TYPE_INTEGER, 0},
102 	{SMB_CI_RESTRICT_ANON, "restrict_anonymous", SCF_TYPE_BOOLEAN, 0},
103 
104 	{SMB_CI_SIGNING_ENABLE, "signing_enabled", SCF_TYPE_BOOLEAN, 0},
105 	{SMB_CI_SIGNING_REQD, "signing_required", SCF_TYPE_BOOLEAN, 0},
106 
107 	/* Kmod tuning configuration */
108 	{SMB_CI_SYNC_ENABLE, "sync_enable", SCF_TYPE_BOOLEAN, 0},
109 
110 	/* SMBd configuration */
111 	{SMB_CI_SECURITY, "security", SCF_TYPE_ASTRING, 0},
112 	{SMB_CI_NBSCOPE, "netbios_scope", SCF_TYPE_ASTRING, 0},
113 	{SMB_CI_SYS_CMNT, "system_comment", SCF_TYPE_ASTRING, 0},
114 	{SMB_CI_LM_LEVEL, "lmauth_level", SCF_TYPE_INTEGER, 0},
115 
116 	/* ADS Configuration */
117 	{SMB_CI_ADS_SITE, "ads_site", SCF_TYPE_ASTRING, 0},
118 
119 	/* Dynamic DNS */
120 	{SMB_CI_DYNDNS_ENABLE, "ddns_enable", SCF_TYPE_BOOLEAN, 0},
121 
122 	{SMB_CI_MACHINE_PASSWD, "machine_passwd", SCF_TYPE_ASTRING,
123 	    SMB_CF_PROTECTED},
124 	{SMB_CI_KPASSWD_SRV, "kpasswd_server", SCF_TYPE_ASTRING,
125 	    0},
126 	{SMB_CI_KPASSWD_DOMAIN, "kpasswd_domain", SCF_TYPE_ASTRING,
127 	    0},
128 	{SMB_CI_KPASSWD_SEQNUM, "kpasswd_seqnum", SCF_TYPE_INTEGER,
129 	    0},
130 	{SMB_CI_NETLOGON_SEQNUM, "netlogon_seqnum", SCF_TYPE_INTEGER,
131 	    0}
132 
133 	/* SMB_CI_MAX */
134 };
135 
136 static smb_cfg_param_t *smb_config_getent(smb_cfg_id_t);
137 
138 static boolean_t smb_is_base64(unsigned char c);
139 static char *smb_base64_encode(char *str_to_encode);
140 static char *smb_base64_decode(char *encoded_str);
141 
142 char *
143 smb_config_getname(smb_cfg_id_t id)
144 {
145 	smb_cfg_param_t *cfg;
146 	cfg = smb_config_getent(id);
147 	return (cfg->sc_name);
148 }
149 
150 static boolean_t
151 smb_is_base64(unsigned char c)
152 {
153 	return (isalnum(c) || (c == '+') || (c == '/'));
154 }
155 
156 /*
157  * smb_base64_encode
158  *
159  * Encode a string using base64 algorithm.
160  * Caller should free the returned buffer when done.
161  */
162 static char *
163 smb_base64_encode(char *str_to_encode)
164 {
165 	int ret_cnt = 0;
166 	int i = 0, j = 0;
167 	char arr_3[3], arr_4[4];
168 	int len = strlen(str_to_encode);
169 	char *ret = malloc(SMB_ENC_LEN);
170 
171 	if (ret == NULL) {
172 		return (NULL);
173 	}
174 
175 	while (len--) {
176 		arr_3[i++] = *(str_to_encode++);
177 		if (i == 3) {
178 			arr_4[0] = (arr_3[0] & 0xfc) >> 2;
179 			arr_4[1] = ((arr_3[0] & 0x03) << 4) +
180 			    ((arr_3[1] & 0xf0) >> 4);
181 			arr_4[2] = ((arr_3[1] & 0x0f) << 2) +
182 			    ((arr_3[2] & 0xc0) >> 6);
183 			arr_4[3] = arr_3[2] & 0x3f;
184 
185 			for (i = 0; i < 4; i++)
186 				ret[ret_cnt++] = b64_data[arr_4[i]];
187 			i = 0;
188 		}
189 	}
190 
191 	if (i) {
192 		for (j = i; j < 3; j++)
193 			arr_3[j] = '\0';
194 
195 		arr_4[0] = (arr_3[0] & 0xfc) >> 2;
196 		arr_4[1] = ((arr_3[0] & 0x03) << 4) +
197 		    ((arr_3[1] & 0xf0) >> 4);
198 		arr_4[2] = ((arr_3[1] & 0x0f) << 2) +
199 		    ((arr_3[2] & 0xc0) >> 6);
200 		arr_4[3] = arr_3[2] & 0x3f;
201 
202 		for (j = 0; j < (i + 1); j++)
203 			ret[ret_cnt++] = b64_data[arr_4[j]];
204 
205 		while (i++ < 3)
206 			ret[ret_cnt++] = '=';
207 	}
208 
209 	ret[ret_cnt++] = '\0';
210 	return (ret);
211 }
212 
213 /*
214  * smb_base64_decode
215  *
216  * Decode using base64 algorithm.
217  * Caller should free the returned buffer when done.
218  */
219 static char *
220 smb_base64_decode(char *encoded_str)
221 {
222 	int len = strlen(encoded_str);
223 	int i = 0, j = 0;
224 	int en_ind = 0;
225 	char arr_4[4], arr_3[3];
226 	int ret_cnt = 0;
227 	char *ret = malloc(SMB_DEC_LEN);
228 	char *p;
229 
230 	if (ret == NULL) {
231 		return (NULL);
232 	}
233 
234 	while (len-- && (encoded_str[en_ind] != '=') &&
235 	    smb_is_base64(encoded_str[en_ind])) {
236 		arr_4[i++] = encoded_str[en_ind];
237 		en_ind++;
238 		if (i == 4) {
239 			for (i = 0; i < 4; i++) {
240 				if ((p = strchr(b64_data, arr_4[i])) == NULL)
241 					return (NULL);
242 
243 				arr_4[i] = (int)(p - b64_data);
244 			}
245 
246 			arr_3[0] = (arr_4[0] << 2) +
247 			    ((arr_4[1] & 0x30) >> 4);
248 			arr_3[1] = ((arr_4[1] & 0xf) << 4) +
249 			    ((arr_4[2] & 0x3c) >> 2);
250 			arr_3[2] = ((arr_4[2] & 0x3) << 6) +
251 			    arr_4[3];
252 
253 			for (i = 0; i < 3; i++)
254 				ret[ret_cnt++] = arr_3[i];
255 
256 			i = 0;
257 		}
258 	}
259 
260 	if (i) {
261 		for (j = i; j < 4; j++)
262 			arr_4[j] = 0;
263 
264 		for (j = 0; j < 4; j++) {
265 			if ((p = strchr(b64_data, arr_4[j])) == NULL)
266 				return (NULL);
267 
268 			arr_4[j] = (int)(p - b64_data);
269 		}
270 		arr_3[0] = (arr_4[0] << 2) +
271 		    ((arr_4[1] & 0x30) >> 4);
272 		arr_3[1] = ((arr_4[1] & 0xf) << 4) +
273 		    ((arr_4[2] & 0x3c) >> 2);
274 		arr_3[2] = ((arr_4[2] & 0x3) << 6) +
275 		    arr_4[3];
276 		for (j = 0; j < (i - 1); j++)
277 			ret[ret_cnt++] = arr_3[j];
278 	}
279 
280 	ret[ret_cnt++] = '\0';
281 	return (ret);
282 }
283 
284 static char *
285 smb_config_getenv_generic(char *name, char *svc_fmri_prefix, char *svc_propgrp)
286 {
287 	smb_scfhandle_t *handle;
288 	char *value;
289 
290 	if ((value = malloc(MAX_VALUE_BUFLEN * sizeof (char))) == NULL)
291 		return (NULL);
292 
293 	handle = smb_smf_scf_init(svc_fmri_prefix);
294 	if (handle == NULL) {
295 		free(value);
296 		return (NULL);
297 	}
298 
299 	(void) smb_smf_create_service_pgroup(handle, svc_propgrp);
300 
301 	if (smb_smf_get_string_property(handle, name, value,
302 	    sizeof (char) * MAX_VALUE_BUFLEN) != 0) {
303 		smb_smf_scf_fini(handle);
304 		free(value);
305 		return (NULL);
306 	}
307 
308 	smb_smf_scf_fini(handle);
309 	return (value);
310 
311 }
312 
313 static int
314 smb_config_setenv_generic(char *svc_fmri_prefix, char *svc_propgrp,
315     char *name, char *value)
316 {
317 	smb_scfhandle_t *handle = NULL;
318 	int rc = 0;
319 
320 
321 	handle = smb_smf_scf_init(svc_fmri_prefix);
322 	if (handle == NULL) {
323 		return (1);
324 	}
325 
326 	(void) smb_smf_create_service_pgroup(handle, svc_propgrp);
327 
328 	if (smb_smf_start_transaction(handle) != SMBD_SMF_OK) {
329 		smb_smf_scf_fini(handle);
330 		return (1);
331 	}
332 
333 	if (smb_smf_set_string_property(handle, name, value) != SMBD_SMF_OK)
334 		rc = 1;
335 
336 	if (smb_smf_end_transaction(handle) != SMBD_SMF_OK)
337 		rc = 1;
338 
339 	smb_smf_scf_fini(handle);
340 	return (rc);
341 }
342 
343 /*
344  * smb_config_getstr
345  *
346  * Fetch the specified string configuration item from SMF
347  */
348 int
349 smb_config_getstr(smb_cfg_id_t id, char *cbuf, int bufsz)
350 {
351 	smb_scfhandle_t *handle;
352 	smb_cfg_param_t *cfg;
353 	int rc = SMBD_SMF_OK;
354 
355 	*cbuf = '\0';
356 	cfg = smb_config_getent(id);
357 	assert(cfg->sc_type == SCF_TYPE_ASTRING);
358 
359 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
360 	if (handle == NULL)
361 		return (SMBD_SMF_SYSTEM_ERR);
362 
363 	if (cfg->sc_flags & SMB_CF_PROTECTED) {
364 		char protbuf[SMB_ENC_LEN];
365 		char *tmp;
366 
367 		if ((rc = smb_smf_create_service_pgroup(handle,
368 		    SMBD_PROTECTED_PG_NAME)) != SMBD_SMF_OK)
369 			goto error;
370 
371 		if ((rc = smb_smf_get_string_property(handle, cfg->sc_name,
372 		    protbuf, sizeof (protbuf))) != SMBD_SMF_OK)
373 			goto error;
374 
375 		if (*protbuf != '\0') {
376 			tmp = smb_base64_decode(protbuf);
377 			(void) strlcpy(cbuf, tmp, bufsz);
378 			free(tmp);
379 		}
380 	} else {
381 		rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
382 		if (rc == SMBD_SMF_OK)
383 			rc = smb_smf_get_string_property(handle, cfg->sc_name,
384 			    cbuf, bufsz);
385 	}
386 
387 error:
388 	smb_smf_scf_fini(handle);
389 	return (rc);
390 }
391 
392 /*
393  * smb_config_getnum
394  *
395  * Returns the value of a numeric config param.
396  */
397 int
398 smb_config_getnum(smb_cfg_id_t id, int64_t *cint)
399 {
400 	smb_scfhandle_t *handle;
401 	smb_cfg_param_t *cfg;
402 	int rc = SMBD_SMF_OK;
403 
404 	*cint = 0;
405 	cfg = smb_config_getent(id);
406 	assert(cfg->sc_type == SCF_TYPE_INTEGER);
407 
408 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
409 	if (handle == NULL)
410 		return (SMBD_SMF_SYSTEM_ERR);
411 
412 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
413 	if (rc == SMBD_SMF_OK)
414 		rc = smb_smf_get_integer_property(handle, cfg->sc_name, cint);
415 	smb_smf_scf_fini(handle);
416 
417 	return (rc);
418 }
419 
420 /*
421  * smb_config_getbool
422  *
423  * Returns the value of a boolean config param.
424  */
425 boolean_t
426 smb_config_getbool(smb_cfg_id_t id)
427 {
428 	smb_scfhandle_t *handle;
429 	smb_cfg_param_t *cfg;
430 	int rc = SMBD_SMF_OK;
431 	uint8_t vbool;
432 
433 	cfg = smb_config_getent(id);
434 	assert(cfg->sc_type == SCF_TYPE_BOOLEAN);
435 
436 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
437 	if (handle == NULL)
438 		return (B_FALSE);
439 
440 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
441 	if (rc == SMBD_SMF_OK)
442 		rc = smb_smf_get_boolean_property(handle, cfg->sc_name, &vbool);
443 	smb_smf_scf_fini(handle);
444 
445 	return ((rc == SMBD_SMF_OK) ? (vbool == 1) : B_FALSE);
446 }
447 
448 /*
449  * smb_config_get
450  *
451  * This function returns the value of the requested config
452  * iterm regardless of its type in string format. This should
453  * be used when the config item type is not known by the caller.
454  */
455 int
456 smb_config_get(smb_cfg_id_t id, char *cbuf, int bufsz)
457 {
458 	smb_cfg_param_t *cfg;
459 	int64_t cint;
460 	int rc;
461 
462 	cfg = smb_config_getent(id);
463 	switch (cfg->sc_type) {
464 	case SCF_TYPE_ASTRING:
465 		return (smb_config_getstr(id, cbuf, bufsz));
466 
467 	case SCF_TYPE_INTEGER:
468 		rc = smb_config_getnum(id, &cint);
469 		if (rc == SMBD_SMF_OK)
470 			(void) snprintf(cbuf, bufsz, "%lld", cint);
471 		return (rc);
472 
473 	case SCF_TYPE_BOOLEAN:
474 		if (smb_config_getbool(id))
475 			(void) strlcpy(cbuf, "true", bufsz);
476 		else
477 			(void) strlcpy(cbuf, "false", bufsz);
478 		return (SMBD_SMF_OK);
479 	}
480 
481 	return (SMBD_SMF_INVALID_ARG);
482 }
483 
484 /*
485  * smb_config_setstr
486  *
487  * Set the specified config param with the given
488  * value.
489  */
490 int
491 smb_config_setstr(smb_cfg_id_t id, char *value)
492 {
493 	smb_scfhandle_t *handle;
494 	smb_cfg_param_t *cfg;
495 	int rc = SMBD_SMF_OK;
496 	boolean_t protected;
497 	char *tmp = NULL;
498 	char *pg;
499 
500 	cfg = smb_config_getent(id);
501 	assert(cfg->sc_type == SCF_TYPE_ASTRING);
502 
503 	if (cfg->sc_flags & SMB_CF_PROTECTED) {
504 		pg = SMBD_PROTECTED_PG_NAME;
505 		protected = B_TRUE;
506 	} else {
507 		pg = SMBD_PG_NAME;
508 		protected = B_FALSE;
509 	}
510 
511 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
512 	if (handle == NULL)
513 		return (SMBD_SMF_SYSTEM_ERR);
514 
515 	rc = smb_smf_create_service_pgroup(handle, pg);
516 	if (rc == SMBD_SMF_OK)
517 		rc = smb_smf_start_transaction(handle);
518 
519 	if (rc != SMBD_SMF_OK) {
520 		smb_smf_scf_fini(handle);
521 		return (rc);
522 	}
523 
524 	if (protected && value && (*value != '\0')) {
525 		if ((tmp = smb_base64_encode(value)) == NULL) {
526 			(void) smb_smf_end_transaction(handle);
527 			smb_smf_scf_fini(handle);
528 			return (SMBD_SMF_NO_MEMORY);
529 		}
530 
531 		value = tmp;
532 	}
533 
534 	rc = smb_smf_set_string_property(handle, cfg->sc_name, value);
535 
536 	free(tmp);
537 	(void) smb_smf_end_transaction(handle);
538 	smb_smf_scf_fini(handle);
539 	return (rc);
540 }
541 
542 /*
543  * smb_config_setnum
544  *
545  * Sets a numeric configuration iterm
546  */
547 int
548 smb_config_setnum(smb_cfg_id_t id, int64_t value)
549 {
550 	smb_scfhandle_t *handle;
551 	smb_cfg_param_t *cfg;
552 	int rc = SMBD_SMF_OK;
553 
554 	cfg = smb_config_getent(id);
555 	assert(cfg->sc_type == SCF_TYPE_INTEGER);
556 
557 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
558 	if (handle == NULL)
559 		return (SMBD_SMF_SYSTEM_ERR);
560 
561 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
562 	if (rc == SMBD_SMF_OK)
563 		rc = smb_smf_start_transaction(handle);
564 
565 	if (rc != SMBD_SMF_OK) {
566 		smb_smf_scf_fini(handle);
567 		return (rc);
568 	}
569 
570 	rc = smb_smf_set_integer_property(handle, cfg->sc_name, value);
571 
572 	(void) smb_smf_end_transaction(handle);
573 	smb_smf_scf_fini(handle);
574 	return (rc);
575 }
576 
577 /*
578  * smb_config_setbool
579  *
580  * Sets a boolean configuration iterm
581  */
582 int
583 smb_config_setbool(smb_cfg_id_t id, boolean_t value)
584 {
585 	smb_scfhandle_t *handle;
586 	smb_cfg_param_t *cfg;
587 	int rc = SMBD_SMF_OK;
588 
589 	cfg = smb_config_getent(id);
590 	assert(cfg->sc_type == SCF_TYPE_BOOLEAN);
591 
592 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
593 	if (handle == NULL)
594 		return (SMBD_SMF_SYSTEM_ERR);
595 
596 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
597 	if (rc == SMBD_SMF_OK)
598 		rc = smb_smf_start_transaction(handle);
599 
600 	if (rc != SMBD_SMF_OK) {
601 		smb_smf_scf_fini(handle);
602 		return (rc);
603 	}
604 
605 	rc = smb_smf_set_boolean_property(handle, cfg->sc_name, value);
606 
607 	(void) smb_smf_end_transaction(handle);
608 	smb_smf_scf_fini(handle);
609 	return (rc);
610 }
611 
612 /*
613  * smb_config_set
614  *
615  * This function sets the value of the specified config
616  * iterm regardless of its type in string format. This should
617  * be used when the config item type is not known by the caller.
618  */
619 int
620 smb_config_set(smb_cfg_id_t id, char *value)
621 {
622 	smb_cfg_param_t *cfg;
623 	int64_t cint;
624 
625 	cfg = smb_config_getent(id);
626 	switch (cfg->sc_type) {
627 	case SCF_TYPE_ASTRING:
628 		return (smb_config_setstr(id, value));
629 
630 	case SCF_TYPE_INTEGER:
631 		cint = atoi(value);
632 		return (smb_config_setnum(id, cint));
633 
634 	case SCF_TYPE_BOOLEAN:
635 		return (smb_config_setbool(id, strcasecmp(value, "true") == 0));
636 	}
637 
638 	return (SMBD_SMF_INVALID_ARG);
639 }
640 uint8_t
641 smb_config_get_fg_flag()
642 {
643 	uint8_t run_fg = 0; /* Default is to run in daemon mode */
644 	smb_scfhandle_t *handle = NULL;
645 
646 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
647 	if (handle == NULL) {
648 		return (run_fg);
649 	}
650 
651 	if (smb_smf_create_service_pgroup(handle,
652 	    SMBD_PG_NAME) != SMBD_SMF_OK) {
653 		smb_smf_scf_fini(handle);
654 		return (run_fg);
655 	}
656 
657 	if (smb_smf_get_boolean_property(handle, "run_fg", &run_fg) != 0) {
658 		smb_smf_scf_fini(handle);
659 		return (run_fg);
660 	}
661 
662 	smb_smf_scf_fini(handle);
663 
664 	return (run_fg);
665 }
666 
667 /*
668  * smb_config_get_localsid
669  *
670  * Returns value of the "config/machine_sid" parameter
671  * from the IDMAP SMF configuration repository.
672  *
673  */
674 char *
675 smb_config_get_localsid(void)
676 {
677 	return (smb_config_getenv_generic(MACHINE_SID, IDMAP_FMRI_PREFIX,
678 	    IDMAP_PG_NAME));
679 }
680 
681 /*
682  * smb_config_set_idmap_domain
683  *
684  * Set the "config/domain_name" parameter from IDMAP SMF repository.
685  */
686 int
687 smb_config_set_idmap_domain(char *value)
688 {
689 	return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME,
690 	    IDMAP_DOMAIN, value));
691 }
692 
693 /*
694  * smb_config_refresh_idmap
695  *
696  * Refresh IDMAP SMF service after making changes to its configuration.
697  */
698 int
699 smb_config_refresh_idmap(void)
700 {
701 	char instance[32];
702 
703 	(void) snprintf(instance, sizeof (instance), "%s:default",
704 	    IDMAP_FMRI_PREFIX);
705 	return (smf_refresh_instance(instance));
706 }
707 
708 int
709 smb_config_secmode_fromstr(char *secmode)
710 {
711 	if (secmode == NULL)
712 		return (SMB_SECMODE_WORKGRP);
713 
714 	if (strcasecmp(secmode, SMB_SECMODE_DOMAIN_STR) == 0)
715 		return (SMB_SECMODE_DOMAIN);
716 
717 	return (SMB_SECMODE_WORKGRP);
718 }
719 
720 char *
721 smb_config_secmode_tostr(int secmode)
722 {
723 	if (secmode == SMB_SECMODE_DOMAIN)
724 		return (SMB_SECMODE_DOMAIN_STR);
725 
726 	return (SMB_SECMODE_WORKGRP_STR);
727 }
728 
729 int
730 smb_config_get_secmode()
731 {
732 	char p[16];
733 
734 	(void) smb_config_getstr(SMB_CI_SECURITY, p, sizeof (p));
735 	return (smb_config_secmode_fromstr(p));
736 }
737 
738 int
739 smb_config_set_secmode(int secmode)
740 {
741 	char *p;
742 
743 	p = smb_config_secmode_tostr(secmode);
744 	return (smb_config_setstr(SMB_CI_SECURITY, p));
745 }
746 
747 static smb_cfg_param_t *
748 smb_config_getent(smb_cfg_id_t id)
749 {
750 	int i;
751 
752 	for (i = 0; i < SMB_CI_MAX; i++)
753 		if (smb_cfg_table[i].sc_id == id)
754 			return (&smb_cfg_table[id]);
755 
756 	assert(0);
757 	return (NULL);
758 }
759