Esempi in C++ (Cpp) per create_administrators_sid

Linguaggio di programmazione: C++ (Cpp)

Metodo/funzione: create_administrators_sid

Esempi su hotexamples.com: 2

create_administrators_sid in C++ (Cpp): 2 esempi trovati. Questi sono i migliori esempi reali in C++ (Cpp) per create_administrators_sid, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

File: pbs_account_win.c Progetto: A9-William/pbspro

/**
 * @brief
 * 		add_to_administrators_group: returns 0 if 'dnamew\unamew' has been added
 *		to local "Administrators" group; 1 otherwise.
 *
 * @param[in]	dnamew	-	account name
 * @param[in]	unamew	-	A pointer to a constant string that specifies
 * 							the name of the user account for which to set
 * 							information.
 *
 * @return	int
 * @retval	0	: 'dnamew\unamew' has been added to local "Administrators" group.
 * @retval	1	: 'dnamew\unamew' could not add to local "Administrators" group.
 */
int
add_to_administrators_group(wchar_t *dnamew, wchar_t *unamew)
{
	SID	*gsid = NULL;
	char	*gname = NULL;	/* special group to add service account to */
	wchar_t full_unamew[PBS_MAXHOSTNAME+UNLEN+2]; /* domain\user\0 */
	int	ret_val = 1;

	gsid = create_administrators_sid();
	if (gsid && (gname=getgrpname(gsid))) {
		LOCALGROUP_MEMBERS_INFO_3 member;
		NET_API_STATUS nstatus;
		wchar_t gnamew[GNLEN+1];

		mbstowcs(gnamew, gname, GNLEN+1);

#if _MSC_VER >= 1400
		swprintf(full_unamew, PBS_MAXHOSTNAME+UNLEN+2, L"%s\\%s", dnamew, unamew);

#else
		swprintf(full_unamew, L"%s\\%s", dnamew, unamew);
#endif
		member.lgrmi3_domainandname = (wchar_t *)full_unamew;

		if (for_info_only)
			nstatus = NERR_Success;
		else
			nstatus=NetLocalGroupAddMembers(NULL, gnamew, 3,
				(LPBYTE)&member, 1);
		if( (nstatus == NERR_Success) || \
			(nstatus == ERROR_MEMBER_IN_ALIAS) ) {

			printf("%s %S to group \"%S\"\n",
				(for_info_only?"Adding":"Added"), full_unamew, gnamew);
			ret_val = 0;
		} else {
			fprintf(stderr,
				"Failed to add %S to group \"%S\": error status =%d\n",
				full_unamew, gnamew, nstatus);
		}
	}

	if (strlen(winlog_buffer) > 0) { /* any error in getdefgrpname() */
		fprintf(stderr, "%s\n", winlog_buffer);
	}

	if (gsid)
		FreeSid(gsid);
	else
		fprintf(stderr,
			"Failed to add %S\\%S to Administrators group: bad SID\n",
			dnamew, unamew);

	if (gname)
		(void)free(gname);
	else
		fprintf(stderr,
			"Failed to get Administrators's actual group name\n");



	return (ret_val);
}

Esempio n. 2

Mostra file

File: accesinfo.c Progetto: Bhagat-Rajput/pbspro

int
secure_file2(char *path, char *user, ACCESS_MASK mask, char *user2, ACCESS_MASK mask2)
{
	SECURITY_DESCRIPTOR	sd;
	SID	*usid = NULL;
	SID	*gsid;
	ACL	*pdacl;
	struct  stat sbuf;
	SECURITY_INFORMATION	si = 0;
	char	logb[LOG_BUF_SIZE] = {'\0' } ;
	char	*gname = NULL;

	if (path == NULL)
		return (0);

	if (lstat(path, &sbuf) == -1)
		return (0);	/* ignore non-existent files! */

	if (!has_privilege(SE_RESTORE_NAME))
		ena_privilege(SE_RESTORE_NAME);

	if (!has_privilege(SE_TAKE_OWNERSHIP_NAME))
		ena_privilege(SE_TAKE_OWNERSHIP_NAME);

	InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);

	/* make PBS service account as the owner */
	usid = create_administrators_sid();

	if (usid == NULL)
		usid = getusersid(getlogin());

	if (usid) {
		if (SetSecurityDescriptorOwner(&sd, usid, FALSE) == 0) {
			sprintf(logb, "error setting owner for file %s", path);
			log_err(-1, "secure_file2", logb);
			LocalFree(usid);
			return (0);
		}
		si |= OWNER_SECURITY_INFORMATION;

		/* trick with setting perms, set ownership first! */
		if (SetFileSecurity(path, si, &sd) == 0) {
			sprintf(logb, "error setting actual owner for file %s", path);
			log_err(-1, "secure_file2", logb);
			LocalFree(usid);
			return (0);
		}

		InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
		si = 0;
	}

	/* can't use gsid=getgid() since gsid here must be LocalFree()d */
	if ((gname=getdefgrpname(getlogin()))) {
		gsid = getgrpsid(gname);
		(void)free(gname);
	} else {
		gsid = NULL;
	}
	if (gsid) {
		if (SetSecurityDescriptorGroup(&sd, gsid, FALSE) == 0) {
			sprintf(logb, "error setting group for file %s", path);
			log_err(-1, "secure_file2", logb);
			if (usid) LocalFree(usid);
			LocalFree(gsid);
			return (0);
		}
		si |= GROUP_SECURITY_INFORMATION;

	}

	pdacl = create_secure_dacl2(user, mask, user2, mask2, usid);
	if (pdacl == NULL) {
		sprintf(logb, "failed to create secure dacl for file %s", path);
		log_err(-1, "secure_file2", logb);
		if (usid) LocalFree(usid);
		if (gsid) LocalFree(gsid);
		return (0);
	}

	if (SetSecurityDescriptorDacl(&sd, TRUE, pdacl, TRUE) == 0) {
		sprintf(logb, "error setting dacl for file %s", path);
		log_err(-1, "secure_file2", logb);
		if (usid) LocalFree(usid);
		if (gsid) LocalFree(gsid);
		(void)free(pdacl);
		return (0);
	}
	si |= DACL_SECURITY_INFORMATION;

	if (SetFileSecurity(path, si, &sd) == 0) {
		sprintf(logb, "error setting security for file %s", path);
		log_err(-1, "secure_file2", logb);
		if (usid) LocalFree(usid);
		if (gsid) LocalFree(gsid);
		(void)free(pdacl);
		return (0);
	}

	if (usid) LocalFree(usid);
	if (gsid) LocalFree(gsid);
	(void)free(pdacl);

	/* Even though permissions have been set on the file, it can be   */
	/* overriden if a file attribute was given say a                  */
	/* FILE_ATTRIBUTE_READONLY flag previously outside of PBS. Any    */
	/* writes to the file would still fail even if Administrators     */
	/* have been given write permission.                              */
	/* The following call is to clear any special attributes that     */
	/* may have gotten set outside of PBS, negating PBS' permission   */
	/* change.							  */
	(void)SetFileAttributes(path, FILE_ATTRIBUTE_NORMAL);

	return (1);

}