search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r10224: add {Unl,L}ockServiceDatabase() to get srvmgr.exe to work
[Samba.git] / source / rpc_server / srv_svcctl_nt.c
blobe7d36436e3d120b19d9a7447b59aba5bf31879ce
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 *
5 * Copyright (C) Marcin Krzysztof Porwit 2005.
6 *
7 * Largely Rewritten (Again) by:
8 * Copyright (C) Gerald (Jerry) Carter 2005.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25 #include "includes.h"
26
27 #undef DBGC_CLASS
28 #define DBGC_CLASS DBGC_RPC_SRV
29
30 struct service_control_op {
31 const char *name;
32 SERVICE_CONTROL_OPS *ops;
33 };
34
35 extern SERVICE_CONTROL_OPS spoolss_svc_ops;
36 extern SERVICE_CONTROL_OPS rcinit_svc_ops;
37 extern SERVICE_CONTROL_OPS netlogon_svc_ops;
38 extern SERVICE_CONTROL_OPS winreg_svc_ops;
39
40 struct service_control_op *svcctl_ops;
41
42 static struct generic_mapping scm_generic_map =
43 { SC_MANAGER_READ_ACCESS, SC_MANAGER_WRITE_ACCESS, SC_MANAGER_EXECUTE_ACCESS, SC_MANAGER_ALL_ACCESS };
44 static struct generic_mapping svc_generic_map =
45 { SERVICE_READ_ACCESS, SERVICE_WRITE_ACCESS, SERVICE_EXECUTE_ACCESS, SERVICE_ALL_ACCESS };
46
47
48 /********************************************************************
49 ********************************************************************/
50
51 BOOL init_service_op_table( void )
52 {
53 const char **service_list = lp_svcctl_list();
54 int num_services = 3 + str_list_count( service_list );
55 int i;
56
57 if ( !(svcctl_ops = TALLOC_ARRAY( NULL, struct service_control_op, num_services+1)) ) {
58 DEBUG(0,("init_service_op_table: talloc() failed!\n"));
59 return False;
60 }
61
62 /* services listed in smb.conf get the rc.init interface */
63
64 for ( i=0; service_list[i]; i++ ) {
65 svcctl_ops[i].name = talloc_strdup( svcctl_ops, service_list[i] );
66 svcctl_ops[i].ops = &rcinit_svc_ops;
67 }
68
69 /* add builtin services */
70
71 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "Spooler" );
72 svcctl_ops[i].ops = &spoolss_svc_ops;
73 i++;
74
75 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "NETLOGON" );
76 svcctl_ops[i].ops = &netlogon_svc_ops;
77 i++;
78
79 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "RemoteRegistry" );
80 svcctl_ops[i].ops = &winreg_svc_ops;
81 i++;
82
83 /* NULL terminate the array */
84
85 svcctl_ops[i].name = NULL;
86 svcctl_ops[i].ops = NULL;
87
88 return True;
89 }
90
91 /********************************************************************
92 ********************************************************************/
93
94 static struct service_control_op* find_service_by_name( const char *name )
95 {
96 int i;
97
98 for ( i=0; svcctl_ops[i].name; i++ ) {
99 if ( strequal( name, svcctl_ops[i].name ) )
100 return &svcctl_ops[i];
101 }
102
103 return NULL;
104 }
105 /********************************************************************
106 ********************************************************************/
107
108 static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
109 uint32 access_desired, uint32 *access_granted )
110 {
111 NTSTATUS result;
112
113 /* maybe add privilege checks in here later */
114
115 se_access_check( sec_desc, token, access_desired, access_granted, &result );
116
117 if ( !NT_STATUS_IS_OK(result) ) {
118 if ( geteuid() == sec_initial_uid() ) {
119 DEBUG(5,("svcctl_access_check: access check bypassed for 'root'\n"));
120 *access_granted = access_desired;
121 return NT_STATUS_OK;
122 }
123 }
124
125 return result;
126 }
127
128 /********************************************************************
129 ********************************************************************/
130
131 static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
132 {
133 SEC_ACE ace[2];
134 SEC_ACCESS mask;
135 size_t i = 0;
136 SEC_DESC *sd;
137 SEC_ACL *acl;
138 size_t sd_size;
139
140 /* basic access for Everyone */
141
142 init_sec_access(&mask, SC_MANAGER_READ_ACCESS );
143 init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
144
145 /* Full Access 'BUILTIN\Administrators' */
146
147 init_sec_access(&mask,SC_MANAGER_ALL_ACCESS );
148 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
149
150
151 /* create the security descriptor */
152
153 if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
154 return NULL;
155
156 if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) )
157 return NULL;
158
159 return sd;
160 }
161
162 /******************************************************************
163 free() function for REGISTRY_KEY
164 *****************************************************************/
165
166 static void free_service_handle_info(void *ptr)
167 {
168 TALLOC_FREE( ptr );
169 }
170
171 /******************************************************************
172 Find a registry key handle and return a SERVICE_INFO
173 *****************************************************************/
174
175 static SERVICE_INFO *find_service_info_by_hnd(pipes_struct *p, POLICY_HND *hnd)
176 {
177 SERVICE_INFO *service_info = NULL;
178
179 if( !find_policy_by_hnd( p, hnd, (void **)&service_info) ) {
180 DEBUG(2,("find_service_info_by_hnd: handle not found"));
181 return NULL;
182 }
183
184 return service_info;
185 }
186
187 /******************************************************************
188 *****************************************************************/
189
190 static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, uint32 type,
191 const char *service, uint32 access_granted )
192 {
193 SERVICE_INFO *info = NULL;
194 WERROR result = WERR_OK;
195 struct service_control_op *s_op;
196
197 if ( !(info = TALLOC_ZERO_P( NULL, SERVICE_INFO )) )
198 return WERR_NOMEM;
199
200 /* the Service Manager has a NULL name */
201
202 info->type = SVC_HANDLE_IS_SCM;
203
204 switch ( type ) {
205 case SVC_HANDLE_IS_SCM:
206 info->type = SVC_HANDLE_IS_SCM;
207 break;
208
209 case SVC_HANDLE_IS_DBLOCK:
210 info->type = SVC_HANDLE_IS_DBLOCK;
211 break;
212
213 case SVC_HANDLE_IS_SERVICE:
214 info->type = SVC_HANDLE_IS_SERVICE;
215
216 /* lookup the SERVICE_CONTROL_OPS */
217
218 if ( !(s_op = find_service_by_name( service )) ) {
219 result = WERR_NO_SUCH_SERVICE;
220 goto done;
221 }
222
223 info->ops = s_op->ops;
224
225 if ( !(info->name = talloc_strdup( info, s_op->name )) ) {
226 result = WERR_NOMEM;
227 goto done;
228 }
229 break;
230
231 default:
232 result = WERR_NO_SUCH_SERVICE;
233 goto done;
234 }
235
236 info->access_granted = access_granted;
237
238 /* store the SERVICE_INFO and create an open handle */
239
240 if ( !create_policy_hnd( p, handle, free_service_handle_info, info ) ) {
241 result = WERR_ACCESS_DENIED;
242 goto done;
243 }
244
245 done:
246 if ( !W_ERROR_IS_OK(result) )
247 free_service_handle_info( info );
248
249 return result;
250 }
251
252 /********************************************************************
253 ********************************************************************/
254
255 WERROR _svcctl_open_scmanager(pipes_struct *p, SVCCTL_Q_OPEN_SCMANAGER *q_u, SVCCTL_R_OPEN_SCMANAGER *r_u)
256 {
257 SEC_DESC *sec_desc;
258 uint32 access_granted = 0;
259 NTSTATUS status;
260
261 /* perform access checks */
262
263 if ( !(sec_desc = construct_scm_sd( p->mem_ctx )) )
264 return WERR_NOMEM;
265
266 se_map_generic( &q_u->access, &scm_generic_map );
267 status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted );
268 if ( !NT_STATUS_IS_OK(status) )
269 return ntstatus_to_werror( status );
270
271 return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SCM, NULL, access_granted );
272 }
273
274 /********************************************************************
275 ********************************************************************/
276
277 WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_R_OPEN_SERVICE *r_u)
278 {
279 SEC_DESC *sec_desc;
280 uint32 access_granted = 0;
281 NTSTATUS status;
282 pstring service;
283
284 rpcstr_pull(service, q_u->servicename.buffer, sizeof(service), q_u->servicename.uni_str_len*2, 0);
285
286 DEBUG(5, ("_svcctl_open_service: Attempting to open Service [%s], \n", service));
287
288
289 /* based on my tests you can open a service if you have a valid scm handle */
290
291 if ( !find_service_info_by_hnd( p, &q_u->handle ) )
292 return WERR_BADFID;
293
294 /* perform access checks. Use the root token in order to ensure that we
295 retreive the security descriptor */
296
297 if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) )
298 return WERR_NOMEM;
299
300 se_map_generic( &q_u->access, &svc_generic_map );
301 status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted );
302 if ( !NT_STATUS_IS_OK(status) )
303 return ntstatus_to_werror( status );
304
305 return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SERVICE, service, access_granted );
306 }
307
308 /********************************************************************
309 ********************************************************************/
310
311 WERROR _svcctl_close_service(pipes_struct *p, SVCCTL_Q_CLOSE_SERVICE *q_u, SVCCTL_R_CLOSE_SERVICE *r_u)
312 {
313 return close_policy_hnd( p, &q_u->handle ) ? WERR_OK : WERR_BADFID;
314 }
315
316 /********************************************************************
317 ********************************************************************/
318
319 WERROR _svcctl_get_display_name(pipes_struct *p, SVCCTL_Q_GET_DISPLAY_NAME *q_u, SVCCTL_R_GET_DISPLAY_NAME *r_u)
320 {
321 fstring service;
322 const char *display_name;
323 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
324
325 /* can only use an SCM handle here */
326
327 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
328 return WERR_BADFID;
329
330 rpcstr_pull(service, q_u->servicename.buffer, sizeof(service), q_u->servicename.uni_str_len*2, 0);
331
332 display_name = svcctl_lookup_dispname( service, p->pipe_user.nt_user_token );
333 init_svcctl_r_get_display_name( r_u, display_name );
334
335 return WERR_OK;
336 }
337
338 /********************************************************************
339 ********************************************************************/
340
341 WERROR _svcctl_query_status(pipes_struct *p, SVCCTL_Q_QUERY_STATUS *q_u, SVCCTL_R_QUERY_STATUS *r_u)
342 {
343 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
344
345 /* perform access checks */
346
347 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
348 return WERR_BADFID;
349
350 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
351 return WERR_ACCESS_DENIED;
352
353 /* try the service specific status call */
354
355 return info->ops->service_status( &r_u->svc_status );
356 }
357
358 /********************************************************************
359 ********************************************************************/
360
361 static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_USER_TOKEN *token )
362 {
363 int num_services = 0;
364 int i;
365 ENUM_SERVICES_STATUS *st;
366 const char *display_name;
367
368 /* just count */
369 while ( svcctl_ops[num_services].name )
370 num_services++;
371
372 if ( !(st = TALLOC_ARRAY( ctx, ENUM_SERVICES_STATUS, num_services )) ) {
373 DEBUG(0,("enumerate_status: talloc() failed!\n"));
374 return -1;
375 }
376
377 for ( i=0; i<num_services; i++ ) {
378 init_unistr( &st[i].servicename, svcctl_ops[i].name );
379
380 display_name = svcctl_lookup_dispname( svcctl_ops[i].name, token );
381 init_unistr( &st[i].displayname, display_name );
382
383 svcctl_ops[i].ops->service_status( &st[i].status );
384 }
385
386 *status = st;
387
388 return num_services;
389 }
390
391 /********************************************************************
392 ********************************************************************/
393
394 WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STATUS *q_u, SVCCTL_R_ENUM_SERVICES_STATUS *r_u)
395 {
396 ENUM_SERVICES_STATUS *services = NULL;
397 uint32 num_services;
398 int i = 0;
399 size_t buffer_size = 0;
400 WERROR result = WERR_OK;
401 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
402 NT_USER_TOKEN *token = p->pipe_user.nt_user_token;
403
404 /* perform access checks */
405
406 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
407 return WERR_BADFID;
408
409 if ( !(info->access_granted & SC_RIGHT_MGR_ENUMERATE_SERVICE) )
410 return WERR_ACCESS_DENIED;
411
412 if ( (num_services = enumerate_status( p->mem_ctx, &services, token )) == -1 )
413 return WERR_NOMEM;
414
415 for ( i=0; i<num_services; i++ ) {
416 buffer_size += svcctl_sizeof_enum_services_status(&services[i]);
417 }
418
419 buffer_size += buffer_size % 4;
420
421 if (buffer_size > q_u->buffer_size ) {
422 num_services = 0;
423 result = WERR_MORE_DATA;
424 }
425
426 rpcbuf_init(&r_u->buffer, q_u->buffer_size, p->mem_ctx);
427
428 if ( W_ERROR_IS_OK(result) ) {
429 for ( i=0; i<num_services; i++ )
430 svcctl_io_enum_services_status( "", &services[i], &r_u->buffer, 0 );
431 }
432
433 r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size;
434 r_u->returned = num_services;
435
436 if ( !(r_u->resume = TALLOC_P( p->mem_ctx, uint32 )) )
437 return WERR_NOMEM;
438
439 *r_u->resume = 0x0;
440
441 return result;
442 }
443
444 /********************************************************************
445 ********************************************************************/
446
447 WERROR _svcctl_start_service(pipes_struct *p, SVCCTL_Q_START_SERVICE *q_u, SVCCTL_R_START_SERVICE *r_u)
448 {
449 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
450
451 /* perform access checks */
452
453 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
454 return WERR_BADFID;
455
456 if ( !(info->access_granted & SC_RIGHT_SVC_START) )
457 return WERR_ACCESS_DENIED;
458
459 return info->ops->start_service();
460 }
461
462 /********************************************************************
463 ********************************************************************/
464
465 WERROR _svcctl_control_service(pipes_struct *p, SVCCTL_Q_CONTROL_SERVICE *q_u, SVCCTL_R_CONTROL_SERVICE *r_u)
466 {
467 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
468
469 /* perform access checks */
470
471 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
472 return WERR_BADFID;
473
474 switch ( q_u->control ) {
475 case SVCCTL_CONTROL_STOP:
476 if ( !(info->access_granted & SC_RIGHT_SVC_STOP) )
477 return WERR_ACCESS_DENIED;
478
479 return info->ops->stop_service( &r_u->svc_status );
480
481 case SVCCTL_CONTROL_INTERROGATE:
482 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
483 return WERR_ACCESS_DENIED;
484
485 return info->ops->service_status( &r_u->svc_status );
486 }
487
488 /* default control action */
489
490 return WERR_ACCESS_DENIED;
491 }
492
493 /********************************************************************
494 ********************************************************************/
495
496 WERROR _svcctl_enum_dependent_services( pipes_struct *p, SVCCTL_Q_ENUM_DEPENDENT_SERVICES *q_u, SVCCTL_R_ENUM_DEPENDENT_SERVICES *r_u )
497 {
498 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
499
500 /* perform access checks */
501
502 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
503 return WERR_BADFID;
504
505 if ( !(info->access_granted & SC_RIGHT_SVC_ENUMERATE_DEPENDENTS) )
506 return WERR_ACCESS_DENIED;
507
508 /* we have to set the outgoing buffer size to the same as the
509 incoming buffer size (even in the case of failure */
510
511 rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx );
512
513 r_u->needed = q_u->buffer_size;
514
515 /* no dependent services...basically a stub function */
516 r_u->returned = 0;
517
518 return WERR_OK;
519 }
520
521 /********************************************************************
522 ********************************************************************/
523
524 WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_STATUSEX *q_u, SVCCTL_R_QUERY_SERVICE_STATUSEX *r_u )
525 {
526 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
527 uint32 buffer_size;
528
529 /* perform access checks */
530
531 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
532 return WERR_BADFID;
533
534 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
535 return WERR_ACCESS_DENIED;
536
537 /* we have to set the outgoing buffer size to the same as the
538 incoming buffer size (even in the case of failure) */
539
540 rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx );
541 r_u->needed = q_u->buffer_size;
542
543 switch ( q_u->level ) {
544 case SVC_STATUS_PROCESS_INFO:
545 {
546 SERVICE_STATUS_PROCESS svc_stat_proc;
547
548 /* Get the status of the service.. */
549 info->ops->service_status( &svc_stat_proc.status );
550 svc_stat_proc.process_id = sys_getpid();
551 svc_stat_proc.service_flags = 0x0;
552
553 svcctl_io_service_status_process( "", &svc_stat_proc, &r_u->buffer, 0 );
554 buffer_size = sizeof(SERVICE_STATUS_PROCESS);
555 break;
556 }
557
558 default:
559 return WERR_UNKNOWN_LEVEL;
560 }
561
562
563 buffer_size += buffer_size % 4;
564 r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size;
565
566 if (buffer_size > q_u->buffer_size )
567 return WERR_MORE_DATA;
568
569 return WERR_OK;
570 }
571
572 /********************************************************************
573 ********************************************************************/
574
575 static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name, SERVICE_CONFIG *config, NT_USER_TOKEN *token )
576 {
577 REGVAL_CTR *values;
578 REGISTRY_VALUE *val;
579
580 /* retrieve the registry values for this service */
581
582 if ( !(values = svcctl_fetch_regvalues( name, token )) )
583 return WERR_REG_CORRUPT;
584
585 /* now fill in the individual values */
586
587 config->displayname = TALLOC_ZERO_P( ctx, UNISTR2 );
588 if ( (val = regval_ctr_getvalue( values, "DisplayName" )) != NULL )
589 init_unistr2( config->displayname, regval_sz( val ), UNI_STR_TERMINATE );
590 else
591 init_unistr2( config->displayname, name, UNI_STR_TERMINATE );
592
593 if ( (val = regval_ctr_getvalue( values, "ObjectName" )) != NULL ) {
594 config->startname = TALLOC_ZERO_P( ctx, UNISTR2 );
595 init_unistr2( config->startname, regval_sz( val ), UNI_STR_TERMINATE );
596 }
597
598 if ( (val = regval_ctr_getvalue( values, "ImagePath" )) != NULL ) {
599 config->executablepath = TALLOC_ZERO_P( ctx, UNISTR2 );
600 init_unistr2( config->executablepath, regval_sz( val ), UNI_STR_TERMINATE );
601 }
602
603 /* a few hard coded values */
604 /* loadordergroup and dependencies are empty */
605
606 config->tag_id = 0x00000000; /* unassigned loadorder group */
607 config->service_type = SVCCTL_WIN32_OWN_PROC;
608 config->start_type = SVCCTL_DEMAND_START;
609 config->error_control = SVCCTL_SVC_ERROR_NORMAL;
610
611 TALLOC_FREE( values );
612
613 return WERR_OK;
614 }
615
616 /********************************************************************
617 ********************************************************************/
618
619 WERROR _svcctl_query_service_config( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CONFIG *q_u, SVCCTL_R_QUERY_SERVICE_CONFIG *r_u )
620 {
621 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
622 uint32 buffer_size;
623 WERROR wresult;
624
625 /* perform access checks */
626
627 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
628 return WERR_BADFID;
629
630 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) )
631 return WERR_ACCESS_DENIED;
632
633 /* we have to set the outgoing buffer size to the same as the
634 incoming buffer size (even in the case of failure */
635
636 r_u->needed = q_u->buffer_size;
637
638 wresult = fill_svc_config( p->mem_ctx, info->name, &r_u->config, p->pipe_user.nt_user_token );
639 if ( !W_ERROR_IS_OK(wresult) )
640 return wresult;
641
642 buffer_size = svcctl_sizeof_service_config( &r_u->config );
643 r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size;
644
645 if (buffer_size > q_u->buffer_size ) {
646 ZERO_STRUCTP( &r_u->config );
647 return WERR_INSUFFICIENT_BUFFER;
648 }
649
650 return WERR_OK;
651 }
652
653 /********************************************************************
654 ********************************************************************/
655
656 WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CONFIG2 *q_u, SVCCTL_R_QUERY_SERVICE_CONFIG2 *r_u )
657 {
658 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
659 uint32 buffer_size;
660
661 /* perform access checks */
662
663 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
664 return WERR_BADFID;
665
666 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) )
667 return WERR_ACCESS_DENIED;
668
669 /* we have to set the outgoing buffer size to the same as the
670 incoming buffer size (even in the case of failure */
671
672 rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx );
673 r_u->needed = q_u->buffer_size;
674
675 switch ( q_u->level ) {
676 case SERVICE_CONFIG_DESCRIPTION:
677 {
678 SERVICE_DESCRIPTION desc_buf;
679 const char *description;
680
681 description = svcctl_lookup_description( info->name, p->pipe_user.nt_user_token );
682
683 ZERO_STRUCTP( &desc_buf );
684
685 init_service_description_buffer( &desc_buf, description );
686 svcctl_io_service_description( "", &desc_buf, &r_u->buffer, 0 );
687 buffer_size = svcctl_sizeof_service_description( &desc_buf );
688
689 break;
690 }
691 break;
692 case SERVICE_CONFIG_FAILURE_ACTIONS:
693 {
694 SERVICE_FAILURE_ACTIONS actions;
695
696 /* nothing to say...just service the request */
697
698 ZERO_STRUCTP( &actions );
699 svcctl_io_service_fa( "", &actions, &r_u->buffer, 0 );
700 buffer_size = svcctl_sizeof_service_fa( &actions );
701
702 break;
703 }
704 break;
705
706 default:
707 return WERR_UNKNOWN_LEVEL;
708 }
709
710 buffer_size += buffer_size % 4;
711 r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size;
712
713 if (buffer_size > q_u->buffer_size )
714 return WERR_INSUFFICIENT_BUFFER;
715
716 return WERR_OK;
717 }
718
719 /********************************************************************
720 ********************************************************************/
721
722 WERROR _svcctl_lock_service_db( pipes_struct *p, SVCCTL_Q_LOCK_SERVICE_DB *q_u, SVCCTL_R_LOCK_SERVICE_DB *r_u )
723 {
724 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
725
726 /* perform access checks */
727
728 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
729 return WERR_BADFID;
730
731 if ( !(info->access_granted & SC_RIGHT_MGR_LOCK) )
732 return WERR_ACCESS_DENIED;
733
734 /* Just open a handle. Doesn't actually lock anything */
735
736 return create_open_service_handle( p, &r_u->h_lock, SVC_HANDLE_IS_DBLOCK, NULL, 0 );
737 ;
738 }
739
740 /********************************************************************
741 ********************************************************************/
742
743 WERROR _svcctl_unlock_service_db( pipes_struct *p, SVCCTL_Q_UNLOCK_SERVICE_DB *q_u, SVCCTL_R_UNLOCK_SERVICE_DB *r_u )
744 {
745 SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->h_lock );
746
747
748 if ( !info || (info->type != SVC_HANDLE_IS_DBLOCK) )
749 return WERR_BADFID;
750
751 return close_policy_hnd( p, &q_u->h_lock) ? WERR_OK : WERR_BADFID;
752 }
Samba GIT mirror