void load_registry_shares(void)
{
struct registry_key *key;
char *name;
WERROR err;
int i;
DEBUG(8, ("load_registry_shares()\n"));
if (!lp_registry_shares()) {
return;
}
err = reg_open_path(NULL, KEY_SMBCONF, REG_KEY_READ,
get_root_nt_token(), &key);
if (!(W_ERROR_IS_OK(err))) {
return;
}
for (i=0; W_ERROR_IS_OK(reg_enumkey(key, key, i, &name, NULL)); i++) {
load_registry_service(name);
TALLOC_FREE(name);
}
TALLOC_FREE(key);
return;
}
static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
{
char *tdbname = elog_tdbname(talloc_tos(), info->logname );
SEC_DESC *sec_desc;
NTSTATUS status;
if ( !tdbname )
return False;
/* get the security descriptor for the file */
sec_desc = get_nt_acl_no_snum( info, tdbname );
TALLOC_FREE( tdbname );
if ( !sec_desc ) {
DEBUG(5,("elog_check_access: Unable to get NT ACL for %s\n",
tdbname));
return False;
}
/* root free pass */
if ( geteuid() == sec_initial_uid() ) {
DEBUG(5,("elog_check_access: using root's token\n"));
token = get_root_nt_token();
}
/* run the check, try for the max allowed */
status = se_access_check( sec_desc, token, MAXIMUM_ALLOWED_ACCESS,
&info->access_granted);
if ( sec_desc )
TALLOC_FREE( sec_desc );
if (!NT_STATUS_IS_OK(status)) {
DEBUG(8,("elog_check_access: se_access_check() return %s\n",
nt_errstr(status)));
return False;
}
/* we have to have READ permission for a successful open */
return ( info->access_granted & SA_RIGHT_FILE_READ_DATA );
}
static int load_registry_service(const char *servicename)
{
struct registry_key *key;
char *path;
WERROR err;
uint32 i;
char *value_name;
struct registry_value *value;
int res = -1;
if (!lp_registry_shares()) {
return -1;
}
if ((servicename == NULL) || (*servicename == '\0')) {
return -1;
}
if (strequal(servicename, GLOBAL_NAME)) {
return -2;
}
if (asprintf(&path, "%s\\%s", KEY_SMBCONF, servicename) == -1) {
return -1;
}
err = reg_open_path(NULL, path, REG_KEY_READ, get_root_nt_token(),
&key);
SAFE_FREE(path);
if (!W_ERROR_IS_OK(err)) {
return -1;
}
res = lp_add_service(servicename, -1);
if (res == -1) {
goto error;
}
for (i=0;
W_ERROR_IS_OK(reg_enumvalue(key, key, i, &value_name, &value));
i++) {
switch (value->type) {
case REG_DWORD: {
char *tmp;
if (asprintf(&tmp, "%d", value->v.dword) == -1) {
continue;
}
lp_do_parameter(res, value_name, tmp);
SAFE_FREE(tmp);
break;
}
case REG_SZ: {
lp_do_parameter(res, value_name, value->v.sz.str);
break;
}
default:
/* Ignore all the rest */
break;
}
TALLOC_FREE(value_name);
TALLOC_FREE(value);
}
error:
TALLOC_FREE(key);
return res;
}
static bool sync_eventlog_params( EVENTLOG_INFO *info )
{
char *path = NULL;
uint32 uiMaxSize;
uint32 uiRetention;
struct registry_key *key;
struct registry_value *value;
WERROR wresult;
char *elogname = info->logname;
TALLOC_CTX *ctx = talloc_stackframe();
bool ret = false;
DEBUG( 4, ( "sync_eventlog_params with %s\n", elogname ) );
if ( !info->etdb ) {
DEBUG( 4, ( "No open tdb! (%s)\n", info->logname ) );
goto done;
}
/* set resonable defaults. 512Kb on size and 1 week on time */
uiMaxSize = 0x80000;
uiRetention = 604800;
/* the general idea is to internally open the registry
key and retrieve the values. That way we can continue
to use the same fetch/store api that we use in
srv_reg_nt.c */
path = talloc_asprintf(ctx, "%s/%s", KEY_EVENTLOG, elogname );
if (!path) {
goto done;
}
wresult = reg_open_path(ctx, path, REG_KEY_READ, get_root_nt_token(),
&key);
if ( !W_ERROR_IS_OK( wresult ) ) {
DEBUG( 4,
( "sync_eventlog_params: Failed to open key [%s] (%s)\n",
path, win_errstr( wresult ) ) );
goto done;
}
wresult = reg_queryvalue(key, key, "Retention", &value);
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"Retention\": %s\n",
win_errstr(wresult)));
goto done;
}
uiRetention = value->v.dword;
wresult = reg_queryvalue(key, key, "MaxSize", &value);
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"MaxSize\": %s\n",
win_errstr(wresult)));
goto done;
}
uiMaxSize = value->v.dword;
tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_MAXSIZE, uiMaxSize );
tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_RETENTION, uiRetention );
ret = true;
done:
TALLOC_FREE(ctx);
return ret;
}
