search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
pidl:Wireshark Fix the type of array of pointerse to hf_ values
[Samba.git] / source3 / utils / profiles.c
blobab1eb26e1482054a2402eaccb715ff6229e94b3f
1 /*
2 Samba Unix/Linux SMB client utility profiles.c
3
4 Copyright (C) Richard Sharpe, <rsharpe@richardsharpe.com> 2002
5 Copyright (C) Jelmer Vernooij (conversion to popt) 2003
6 Copyright (C) Gerald (Jerry) Carter 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "system/filesys.h"
24 #include "lib/cmdline/cmdline.h"
25 #include "registry/reg_objects.h"
26 #include "registry/regfio.h"
27 #include "../libcli/security/security.h"
28
29 /* GLOBAL VARIABLES */
30
31 struct dom_sid old_sid, new_sid;
32 int change = 0, new_val = 0;
33 int opt_verbose = False;
34
35 /********************************************************************
36 ********************************************************************/
37
38 static void verbose_output(const char *format, ...) PRINTF_ATTRIBUTE(1,2);
39 static void verbose_output(const char *format, ...)
40 {
41 va_list args;
42 char *var = NULL;
43
44 if (!opt_verbose) {
45 return;
46 }
47
48 va_start(args, format);
49 if ((vasprintf(&var, format, args)) == -1) {
50 va_end(args);
51 return;
52 }
53
54 fprintf(stdout, "%s", var);
55 va_end(args);
56 SAFE_FREE(var);
57 }
58
59 /********************************************************************
60 ********************************************************************/
61
62 static bool swap_sid_in_acl( struct security_descriptor *sd, struct dom_sid *s1, struct dom_sid *s2 )
63 {
64 struct security_acl *theacl;
65 int i;
66 bool update = False;
67 struct dom_sid_buf buf;
68
69 verbose_output(" Owner SID: %s\n",
70 dom_sid_str_buf(sd->owner_sid, &buf));
71 if ( dom_sid_equal( sd->owner_sid, s1 ) ) {
72 sid_copy( sd->owner_sid, s2 );
73 update = True;
74 verbose_output(" New Owner SID: %s\n",
75 dom_sid_str_buf(sd->owner_sid, &buf));
76
77 }
78
79 verbose_output(" Group SID: %s\n",
80 dom_sid_str_buf(sd->group_sid, &buf));
81 if ( dom_sid_equal( sd->group_sid, s1 ) ) {
82 sid_copy( sd->group_sid, s2 );
83 update = True;
84 verbose_output(" New Group SID: %s\n",
85 dom_sid_str_buf(sd->group_sid, &buf));
86 }
87
88 theacl = sd->dacl;
89 verbose_output(" DACL: %d entries:\n", theacl->num_aces);
90 for ( i=0; i<theacl->num_aces; i++ ) {
91 verbose_output(" Trustee SID: %s\n",
92 dom_sid_str_buf(&theacl->aces[i].trustee,
93 &buf));
94 if ( dom_sid_equal( &theacl->aces[i].trustee, s1 ) ) {
95 sid_copy( &theacl->aces[i].trustee, s2 );
96 update = True;
97 verbose_output(
98 " New Trustee SID: %s\n",
99 dom_sid_str_buf(&theacl->aces[i].trustee,
100 &buf));
101 }
102 }
103
104 #if 0
105 theacl = sd->sacl;
106 verbose_output(" SACL: %d entries: \n", theacl->num_aces);
107 for ( i=0; i<theacl->num_aces; i++ ) {
108 verbose_output(" Trustee SID: %s\n",
109 dom_sid_str_buf(&theacl->aces[i].trustee,
110 &buf));
111 if ( dom_sid_equal( &theacl->aces[i].trustee, s1 ) ) {
112 sid_copy( &theacl->aces[i].trustee, s2 );
113 update = True;
114 verbose_output(
115 " New Trustee SID: %s\n",
116 dom_sid_str_buf(&theacl->aces[i].trustee,
117 &buf));
118 }
119 }
120 #endif
121 return update;
122 }
123
124 /********************************************************************
125 ********************************************************************/
126
127 static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
128 REGF_NK_REC *parent, REGF_FILE *outfile,
129 const char *parentpath )
130 {
131 REGF_NK_REC *key, *subkey;
132 struct security_descriptor *new_sd;
133 struct regval_ctr *values;
134 struct regsubkey_ctr *subkeys;
135 int i;
136 char *path;
137 WERROR werr;
138
139 /* swap out the SIDs in the security descriptor */
140
141 if (nk->sec_desc->sec_desc == NULL) {
142 fprintf(stderr, "Invalid (NULL) security descriptor!\n");
143 return false;
144 }
145
146 new_sd = security_descriptor_copy(outfile->mem_ctx,
147 nk->sec_desc->sec_desc);
148 if (new_sd == NULL) {
149 fprintf(stderr, "Failed to copy security descriptor!\n");
150 return False;
151 }
152
153 verbose_output("ACL for %s%s%s\n", parentpath, parent ? "\\" : "", nk->keyname);
154 swap_sid_in_acl( new_sd, &old_sid, &new_sid );
155
156 werr = regsubkey_ctr_init(NULL, &subkeys);
157 if (!W_ERROR_IS_OK(werr)) {
158 DEBUG(0,("copy_registry_tree: talloc() failure!\n"));
159 return False;
160 }
161
162 werr = regval_ctr_init(subkeys, &values);
163 if (!W_ERROR_IS_OK(werr)) {
164 TALLOC_FREE( subkeys );
165 DEBUG(0,("copy_registry_tree: talloc() failure!\n"));
166 return False;
167 }
168
169 /* copy values into the struct regval_ctr */
170
171 for ( i=0; i<nk->num_values; i++ ) {
172 regval_ctr_addvalue( values, nk->values[i].valuename, nk->values[i].type,
173 nk->values[i].data, (nk->values[i].data_size & ~VK_DATA_IN_OFFSET) );
174 }
175
176 /* copy subkeys into the struct regsubkey_ctr */
177
178 while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
179 regsubkey_ctr_addkey( subkeys, subkey->keyname );
180 }
181
182 key = regfio_write_key( outfile, nk->keyname, values, subkeys, new_sd, parent );
183
184 /* write each one of the subkeys out */
185
186 path = talloc_asprintf(subkeys, "%s%s%s",
187 parentpath, parent ? "\\" : "",nk->keyname);
188 if (!path) {
189 TALLOC_FREE( subkeys );
190 return false;
191 }
192
193 nk->subkey_index = 0;
194 while ((subkey = regfio_fetch_subkey(infile, nk))) {
195 if (!copy_registry_tree( infile, subkey, key, outfile, path)) {
196 TALLOC_FREE(subkeys);
197 return false;
198 }
199 }
200
201
202 verbose_output("[%s]\n", path);
203
204 /* values is a talloc()'d child of subkeys here so just throw it all away */
205 TALLOC_FREE(subkeys);
206
207 return True;
208 }
209
210 /*********************************************************************
211 *********************************************************************/
212
213 int main( int argc, const char *argv[] )
214 {
215 TALLOC_CTX *frame = talloc_stackframe();
216 int opt;
217 REGF_FILE *infile, *outfile;
218 REGF_NK_REC *nk;
219 char *orig_filename, *new_filename;
220 struct poptOption long_options[] = {
221 POPT_AUTOHELP
222 {
223 .longName = "change-sid",
224 .shortName = 'c',
225 .argInfo = POPT_ARG_STRING,
226 .arg = NULL,
227 .val = 'c',
228 .descrip = "Provides SID to change",
229 },
230 {
231 .longName = "new-sid",
232 .shortName = 'n',
233 .argInfo = POPT_ARG_STRING,
234 .arg = NULL,
235 .val = 'n',
236 .descrip = "Provides SID to change to",
237 },
238 {
239 .longName = "verbose",
240 .shortName = 'v',
241 .argInfo = POPT_ARG_NONE,
242 .arg = &opt_verbose,
243 .val = 'v',
244 .descrip = "Verbose output",
245 },
246 POPT_COMMON_SAMBA
247 POPT_COMMON_VERSION
248 POPT_TABLEEND
249 };
250 poptContext pc;
251 bool ok;
252
253 smb_init_locale();
254
255 ok = samba_cmdline_init(frame,
256 SAMBA_CMDLINE_CONFIG_CLIENT,
257 false /* require_smbconf */);
258 if (!ok) {
259 DBG_ERR("Failed to init cmdline parser!\n");
260 TALLOC_FREE(frame);
261 exit(1);
262 }
263
264 pc = samba_popt_get_context(getprogname(),
265 argc,
266 argv,
267 long_options,
268 POPT_CONTEXT_KEEP_FIRST);
269 if (pc == NULL) {
270 DBG_ERR("Failed to setup popt context!\n");
271 TALLOC_FREE(frame);
272 exit(1);
273 }
274
275 poptSetOtherOptionHelp(pc, "<profilefile>");
276
277 /* Now, process the arguments */
278
279 while ((opt = poptGetNextOpt(pc)) != -1) {
280 switch (opt) {
281 case 'c':
282 change = 1;
283 if (!string_to_sid(&old_sid, poptGetOptArg(pc))) {
284 fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n");
285 poptPrintUsage(pc, stderr, 0);
286 exit(254);
287 }
288 break;
289
290 case 'n':
291 new_val = 1;
292 if (!string_to_sid(&new_sid, poptGetOptArg(pc))) {
293 fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n");
294 poptPrintUsage(pc, stderr, 0);
295 exit(253);
296 }
297 break;
298
299 case POPT_ERROR_BADOPT:
300 fprintf(stderr, "\nInvalid option %s: %s\n\n",
301 poptBadOption(pc, 0), poptStrerror(opt));
302 poptPrintUsage(pc, stderr, 0);
303 exit(1);
304 }
305 }
306
307 poptGetArg(pc);
308
309 if (!poptPeekArg(pc)) {
310 poptPrintUsage(pc, stderr, 0);
311 exit(1);
312 }
313
314 if ((!change && new_val) || (change && !new_val)) {
315 fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n");
316 poptPrintUsage(pc, stderr, 0);
317 exit(252);
318 }
319
320 orig_filename = talloc_strdup(frame, poptPeekArg(pc));
321 if (!orig_filename) {
322 exit(ENOMEM);
323 }
324 new_filename = talloc_asprintf(frame,
325 "%s.new",
326 orig_filename);
327 if (!new_filename) {
328 exit(ENOMEM);
329 }
330
331 if (!(infile = regfio_open( orig_filename, O_RDONLY, 0))) {
332 fprintf( stderr, "Failed to open %s!\n", orig_filename );
333 fprintf( stderr, "Error was (%s)\n", strerror(errno) );
334 exit (1);
335 }
336
337 if ( !(outfile = regfio_open( new_filename, (O_RDWR|O_CREAT|O_TRUNC),
338 (S_IRUSR|S_IWUSR) )) ) {
339 fprintf( stderr, "Failed to open new file %s!\n", new_filename );
340 fprintf( stderr, "Error was (%s)\n", strerror(errno) );
341 exit (1);
342 }
343
344 /* actually do the update now */
345
346 if ((nk = regfio_rootkey( infile )) == NULL) {
347 fprintf(stderr, "Could not get rootkey\n");
348 exit(3);
349 }
350
351 if (!copy_registry_tree( infile, nk, NULL, outfile, "")) {
352 fprintf(stderr, "Failed to write updated registry file!\n");
353 exit(2);
354 }
355
356 /* cleanup */
357
358 regfio_close(infile);
359 regfio_close(outfile);
360
361 poptFreeContext(pc);
362
363 TALLOC_FREE(frame);
364 return 0;
365 }
Samba GIT mirror