void load_registry_shares(void) { struct registry_key *key; char *name; WERROR err; int i; DEBUG(8, ("load_registry_shares()\n")); if (!lp_registry_shares()) { return; } err = reg_open_path(NULL, KEY_SMBCONF, REG_KEY_READ, get_root_nt_token(), &key); if (!(W_ERROR_IS_OK(err))) { return; } for (i=0; W_ERROR_IS_OK(reg_enumkey(key, key, i, &name, NULL)); i++) { load_registry_service(name); TALLOC_FREE(name); } TALLOC_FREE(key); return; }
static bool elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token ) { char *tdbname = elog_tdbname(talloc_tos(), info->logname ); SEC_DESC *sec_desc; NTSTATUS status; if ( !tdbname ) return False; /* get the security descriptor for the file */ sec_desc = get_nt_acl_no_snum( info, tdbname ); TALLOC_FREE( tdbname ); if ( !sec_desc ) { DEBUG(5,("elog_check_access: Unable to get NT ACL for %s\n", tdbname)); return False; } /* root free pass */ if ( geteuid() == sec_initial_uid() ) { DEBUG(5,("elog_check_access: using root's token\n")); token = get_root_nt_token(); } /* run the check, try for the max allowed */ status = se_access_check( sec_desc, token, MAXIMUM_ALLOWED_ACCESS, &info->access_granted); if ( sec_desc ) TALLOC_FREE( sec_desc ); if (!NT_STATUS_IS_OK(status)) { DEBUG(8,("elog_check_access: se_access_check() return %s\n", nt_errstr(status))); return False; } /* we have to have READ permission for a successful open */ return ( info->access_granted & SA_RIGHT_FILE_READ_DATA ); }
static int load_registry_service(const char *servicename) { struct registry_key *key; char *path; WERROR err; uint32 i; char *value_name; struct registry_value *value; int res = -1; if (!lp_registry_shares()) { return -1; } if ((servicename == NULL) || (*servicename == '\0')) { return -1; } if (strequal(servicename, GLOBAL_NAME)) { return -2; } if (asprintf(&path, "%s\\%s", KEY_SMBCONF, servicename) == -1) { return -1; } err = reg_open_path(NULL, path, REG_KEY_READ, get_root_nt_token(), &key); SAFE_FREE(path); if (!W_ERROR_IS_OK(err)) { return -1; } res = lp_add_service(servicename, -1); if (res == -1) { goto error; } for (i=0; W_ERROR_IS_OK(reg_enumvalue(key, key, i, &value_name, &value)); i++) { switch (value->type) { case REG_DWORD: { char *tmp; if (asprintf(&tmp, "%d", value->v.dword) == -1) { continue; } lp_do_parameter(res, value_name, tmp); SAFE_FREE(tmp); break; } case REG_SZ: { lp_do_parameter(res, value_name, value->v.sz.str); break; } default: /* Ignore all the rest */ break; } TALLOC_FREE(value_name); TALLOC_FREE(value); } error: TALLOC_FREE(key); return res; }
static bool sync_eventlog_params( EVENTLOG_INFO *info ) { char *path = NULL; uint32 uiMaxSize; uint32 uiRetention; struct registry_key *key; struct registry_value *value; WERROR wresult; char *elogname = info->logname; TALLOC_CTX *ctx = talloc_stackframe(); bool ret = false; DEBUG( 4, ( "sync_eventlog_params with %s\n", elogname ) ); if ( !info->etdb ) { DEBUG( 4, ( "No open tdb! (%s)\n", info->logname ) ); goto done; } /* set resonable defaults. 512Kb on size and 1 week on time */ uiMaxSize = 0x80000; uiRetention = 604800; /* the general idea is to internally open the registry key and retrieve the values. That way we can continue to use the same fetch/store api that we use in srv_reg_nt.c */ path = talloc_asprintf(ctx, "%s/%s", KEY_EVENTLOG, elogname ); if (!path) { goto done; } wresult = reg_open_path(ctx, path, REG_KEY_READ, get_root_nt_token(), &key); if ( !W_ERROR_IS_OK( wresult ) ) { DEBUG( 4, ( "sync_eventlog_params: Failed to open key [%s] (%s)\n", path, win_errstr( wresult ) ) ); goto done; } wresult = reg_queryvalue(key, key, "Retention", &value); if (!W_ERROR_IS_OK(wresult)) { DEBUG(4, ("Failed to query value \"Retention\": %s\n", win_errstr(wresult))); goto done; } uiRetention = value->v.dword; wresult = reg_queryvalue(key, key, "MaxSize", &value); if (!W_ERROR_IS_OK(wresult)) { DEBUG(4, ("Failed to query value \"MaxSize\": %s\n", win_errstr(wresult))); goto done; } uiMaxSize = value->v.dword; tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_MAXSIZE, uiMaxSize ); tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_RETENTION, uiRetention ); ret = true; done: TALLOC_FREE(ctx); return ret; }