/*
 * Unix SMB/CIFS implementation.
 *
 * Eventlog RPC server keys initialization
 *
 * Copyright (c) 2005 Marcin Krzysztof Porwit
 * Copyright (c) 2005 Brian Moran
 * Copyright (c) 2005 Gerald (Jerry) Carter
 * Copyright (c) 2011 Andreas Schneider <asn@samba.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <http://www.gnu.org/licenses/>.
 */
26 #include "../librpc/gen_ndr/ndr_winreg_c.h"
27 #include "rpc_client/cli_winreg_int.h"
28 #include "rpc_client/cli_winreg.h"
29 #include "rpc_server/eventlog/srv_eventlog_reg.h"
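/* Send this file's DEBUG() output to the registry debug class. */
#define DBGC_CLASS DBGC_REGISTRY

/*
 * Registry path of the key that holds one subkey per configured event log.
 * eventlog_init_winreg() opens it through dcerpc_winreg_int_hklm_openkey()
 * and builds each per-log key name as "<this path>\<log name>", taking the
 * log names from lp_eventlog_list(). Those names are configuration input;
 * no validation of them is visible in this listing before they are
 * formatted into the key path, so reviewers should confirm where they are
 * constrained.
 */
#define TOP_LEVEL_EVENTLOG_KEY "SYSTEM\\CurrentControlSet\\Services\\Eventlog"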
37 bool eventlog_init_winreg(struct messaging_context
*msg_ctx
)
39 struct dcerpc_binding_handle
*h
= NULL
;
40 uint32_t access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
41 struct policy_handle hive_hnd
, key_hnd
;
42 uint32_t uiMaxSize
= 0x00080000;
43 uint32_t uiRetention
= 0x93A80;
44 const char **elogs
= lp_eventlog_list();
45 const char **subkeys
= NULL
;
46 uint32_t num_subkeys
= 0;
50 WERROR result
= WERR_OK
;
54 tmp_ctx
= talloc_stackframe();
55 if (tmp_ctx
== NULL
) {
59 DEBUG(3, ("Initialise the eventlog registry keys if needed.\n"));
61 key
= talloc_strdup(tmp_ctx
, TOP_LEVEL_EVENTLOG_KEY
);
63 status
= dcerpc_winreg_int_hklm_openkey(tmp_ctx
,
64 get_session_info_system(),
73 if (!NT_STATUS_IS_OK(status
)) {
74 DEBUG(0, ("eventlog_init_winreg: Could not open %s - %s\n",
75 key
, nt_errstr(status
)));
78 if (!W_ERROR_IS_OK(result
)) {
79 DEBUG(0, ("eventlog_init_winreg: Could not open %s - %s\n",
80 key
, win_errstr(result
)));
84 status
= dcerpc_winreg_enum_keys(tmp_ctx
,
90 if (!NT_STATUS_IS_OK(status
)) {
91 DEBUG(0, ("eventlog_init_winreg: Could enum keys at %s - %s\n",
92 key
, nt_errstr(status
)));
95 if (!W_ERROR_IS_OK(result
)) {
96 DEBUG(0, ("eventlog_init_winreg: Could enum keys at %s - %s\n",
97 key
, win_errstr(result
)));
101 if (is_valid_policy_hnd(&key_hnd
)) {
102 dcerpc_winreg_CloseKey(h
, tmp_ctx
, &key_hnd
, &result
);
105 /* create subkeys if they don't exist */
106 while (elogs
&& *elogs
) {
107 enum winreg_CreateAction action
= REG_ACTION_NONE
;
108 char *evt_tdb
= NULL
;
109 struct winreg_String wkey
;
110 struct winreg_String wkeyclass
;
113 for (i
= 0; i
< num_subkeys
; i
++) {
114 if (strequal(subkeys
[i
], *elogs
)) {
124 ZERO_STRUCT(key_hnd
);
127 wkey
.name
= talloc_asprintf(tmp_ctx
, "%s\\%s", key
, *elogs
);
128 if (wkey
.name
== NULL
) {
133 ZERO_STRUCT(wkeyclass
);
137 status
= dcerpc_winreg_CreateKey(h
,
148 if (!NT_STATUS_IS_OK(status
)) {
149 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
150 wkey
.name
, nt_errstr(status
)));
153 if (!W_ERROR_IS_OK(result
)) {
154 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
155 wkey
.name
, win_errstr(result
)));
159 status
= dcerpc_winreg_set_dword(tmp_ctx
,
166 status
= dcerpc_winreg_set_dword(tmp_ctx
,
173 status
= dcerpc_winreg_set_sz(tmp_ctx
,
180 evt_tdb
= talloc_asprintf(tmp_ctx
,
181 "%%SystemRoot%%\\system32\\config\\%s.tdb",
183 if (evt_tdb
== NULL
) {
186 status
= dcerpc_winreg_set_expand_sz(tmp_ctx
,
192 TALLOC_FREE(evt_tdb
);
194 status
= dcerpc_winreg_add_multi_sz(tmp_ctx
,
201 if (is_valid_policy_hnd(&key_hnd
)) {
202 dcerpc_winreg_CloseKey(h
, tmp_ctx
, &key_hnd
, &result
);
207 uint32_t uiCategoryCount
= 0x00000007;
209 wkey
.name
= talloc_asprintf(tmp_ctx
,
212 if (wkey
.name
== NULL
) {
217 status
= dcerpc_winreg_CreateKey(h
,
228 if (!NT_STATUS_IS_OK(status
)) {
229 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
230 wkey
.name
, nt_errstr(status
)));
233 if (!W_ERROR_IS_OK(result
)) {
234 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
235 wkey
.name
, win_errstr(result
)));
239 status
= dcerpc_winreg_set_dword(tmp_ctx
,
246 status
= dcerpc_winreg_set_expand_sz(tmp_ctx
,
249 "CategoryMessageFile",
250 "%SystemRoot%\\system32\\eventlog.dll",
253 if (is_valid_policy_hnd(&key_hnd
)) {
254 dcerpc_winreg_CloseKey(h
, tmp_ctx
, &key_hnd
, &result
);
263 TALLOC_FREE(tmp_ctx
);
/* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */