2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
5 * Copyright (C) Marcin Krzysztof Porwit 2005.
7 * Largely Rewritten (Again) by:
8 * Copyright (C) Gerald (Jerry) Carter 2005.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 #define DBGC_CLASS DBGC_RPC_SRV
30 struct service_control_op
{
32 SERVICE_CONTROL_OPS
*ops
;
35 extern SERVICE_CONTROL_OPS spoolss_svc_ops
;
36 extern SERVICE_CONTROL_OPS rcinit_svc_ops
;
37 extern SERVICE_CONTROL_OPS netlogon_svc_ops
;
38 extern SERVICE_CONTROL_OPS winreg_svc_ops
;
40 struct service_control_op
*svcctl_ops
;
42 static struct generic_mapping scm_generic_map
=
43 { SC_MANAGER_READ_ACCESS
, SC_MANAGER_WRITE_ACCESS
, SC_MANAGER_EXECUTE_ACCESS
, SC_MANAGER_ALL_ACCESS
};
44 static struct generic_mapping svc_generic_map
=
45 { SERVICE_READ_ACCESS
, SERVICE_WRITE_ACCESS
, SERVICE_EXECUTE_ACCESS
, SERVICE_ALL_ACCESS
};
48 /********************************************************************
49 ********************************************************************/
51 BOOL
init_service_op_table( void )
53 const char **service_list
= lp_svcctl_list();
54 int num_services
= 3 + str_list_count( service_list
);
57 if ( !(svcctl_ops
= TALLOC_ARRAY( NULL
, struct service_control_op
, num_services
+1)) ) {
58 DEBUG(0,("init_service_op_table: talloc() failed!\n"));
62 /* services listed in smb.conf get the rc.init interface */
64 for ( i
=0; service_list
[i
]; i
++ ) {
65 svcctl_ops
[i
].name
= talloc_strdup( svcctl_ops
, service_list
[i
] );
66 svcctl_ops
[i
].ops
= &rcinit_svc_ops
;
69 /* add builtin services */
71 svcctl_ops
[i
].name
= talloc_strdup( svcctl_ops
, "Spooler" );
72 svcctl_ops
[i
].ops
= &spoolss_svc_ops
;
75 svcctl_ops
[i
].name
= talloc_strdup( svcctl_ops
, "NETLOGON" );
76 svcctl_ops
[i
].ops
= &netlogon_svc_ops
;
79 svcctl_ops
[i
].name
= talloc_strdup( svcctl_ops
, "RemoteRegistry" );
80 svcctl_ops
[i
].ops
= &winreg_svc_ops
;
83 /* NULL terminate the array */
85 svcctl_ops
[i
].name
= NULL
;
86 svcctl_ops
[i
].ops
= NULL
;
91 /********************************************************************
92 ********************************************************************/
94 static struct service_control_op
* find_service_by_name( const char *name
)
98 for ( i
=0; svcctl_ops
[i
].name
; i
++ ) {
99 if ( strequal( name
, svcctl_ops
[i
].name
) )
100 return &svcctl_ops
[i
];
105 /********************************************************************
106 ********************************************************************/
108 static NTSTATUS
svcctl_access_check( SEC_DESC
*sec_desc
, NT_USER_TOKEN
*token
,
109 uint32 access_desired
, uint32
*access_granted
)
113 if ( geteuid() == sec_initial_uid() ) {
114 DEBUG(5,("svcctl_access_check: using root's token\n"));
115 token
= get_root_nt_token();
118 se_access_check( sec_desc
, token
, access_desired
, access_granted
, &result
);
123 /********************************************************************
124 ********************************************************************/
126 static SEC_DESC
* construct_scm_sd( TALLOC_CTX
*ctx
)
135 /* basic access for Everyone */
137 init_sec_access(&mask
, SC_MANAGER_READ_ACCESS
);
138 init_sec_ace(&ace
[i
++], &global_sid_World
, SEC_ACE_TYPE_ACCESS_ALLOWED
, mask
, 0);
140 /* Full Access 'BUILTIN\Administrators' */
142 init_sec_access(&mask
,SC_MANAGER_ALL_ACCESS
);
143 init_sec_ace(&ace
[i
++], &global_sid_Builtin_Administrators
, SEC_ACE_TYPE_ACCESS_ALLOWED
, mask
, 0);
146 /* create the security descriptor */
148 if ( !(acl
= make_sec_acl(ctx
, NT4_ACL_REVISION
, i
, ace
)) )
151 if ( !(sd
= make_sec_desc(ctx
, SEC_DESC_REVISION
, SEC_DESC_SELF_RELATIVE
, NULL
, NULL
, NULL
, acl
, &sd_size
)) )
157 /******************************************************************
158 free() function for REGISTRY_KEY
159 *****************************************************************/
161 static void free_service_handle_info(void *ptr
)
166 /******************************************************************
167 Find a registry key handle and return a SERVICE_INFO
168 *****************************************************************/
170 static SERVICE_INFO
*find_service_info_by_hnd(pipes_struct
*p
, POLICY_HND
*hnd
)
172 SERVICE_INFO
*service_info
= NULL
;
174 if( !find_policy_by_hnd( p
, hnd
, (void **)&service_info
) ) {
175 DEBUG(2,("find_service_info_by_hnd: handle not found"));
182 /******************************************************************
183 *****************************************************************/
185 static WERROR
create_open_service_handle( pipes_struct
*p
, POLICY_HND
*handle
, uint32 type
,
186 const char *service
, uint32 access_granted
)
188 SERVICE_INFO
*info
= NULL
;
189 WERROR result
= WERR_OK
;
190 struct service_control_op
*s_op
;
192 if ( !(info
= TALLOC_ZERO_P( NULL
, SERVICE_INFO
)) )
195 /* the Service Manager has a NULL name */
197 info
->type
= SVC_HANDLE_IS_SCM
;
200 case SVC_HANDLE_IS_SCM
:
201 info
->type
= SVC_HANDLE_IS_SCM
;
204 case SVC_HANDLE_IS_DBLOCK
:
205 info
->type
= SVC_HANDLE_IS_DBLOCK
;
208 case SVC_HANDLE_IS_SERVICE
:
209 info
->type
= SVC_HANDLE_IS_SERVICE
;
211 /* lookup the SERVICE_CONTROL_OPS */
213 if ( !(s_op
= find_service_by_name( service
)) ) {
214 result
= WERR_NO_SUCH_SERVICE
;
218 info
->ops
= s_op
->ops
;
220 if ( !(info
->name
= talloc_strdup( info
, s_op
->name
)) ) {
227 result
= WERR_NO_SUCH_SERVICE
;
231 info
->access_granted
= access_granted
;
233 /* store the SERVICE_INFO and create an open handle */
235 if ( !create_policy_hnd( p
, handle
, free_service_handle_info
, info
) ) {
236 result
= WERR_ACCESS_DENIED
;
241 if ( !W_ERROR_IS_OK(result
) )
242 free_service_handle_info( info
);
247 /********************************************************************
248 ********************************************************************/
250 WERROR
_svcctl_open_scmanager(pipes_struct
*p
, SVCCTL_Q_OPEN_SCMANAGER
*q_u
, SVCCTL_R_OPEN_SCMANAGER
*r_u
)
253 uint32 access_granted
= 0;
256 /* perform access checks */
258 if ( !(sec_desc
= construct_scm_sd( p
->mem_ctx
)) )
261 se_map_generic( &q_u
->access
, &scm_generic_map
);
262 status
= svcctl_access_check( sec_desc
, p
->pipe_user
.nt_user_token
, q_u
->access
, &access_granted
);
263 if ( !NT_STATUS_IS_OK(status
) )
264 return ntstatus_to_werror( status
);
266 return create_open_service_handle( p
, &r_u
->handle
, SVC_HANDLE_IS_SCM
, NULL
, access_granted
);
269 /********************************************************************
270 ********************************************************************/
272 WERROR
_svcctl_open_service(pipes_struct
*p
, SVCCTL_Q_OPEN_SERVICE
*q_u
, SVCCTL_R_OPEN_SERVICE
*r_u
)
275 uint32 access_granted
= 0;
279 rpcstr_pull(service
, q_u
->servicename
.buffer
, sizeof(service
), q_u
->servicename
.uni_str_len
*2, 0);
281 DEBUG(5, ("_svcctl_open_service: Attempting to open Service [%s], \n", service
));
284 /* based on my tests you can open a service if you have a valid scm handle */
286 if ( !find_service_info_by_hnd( p
, &q_u
->handle
) )
289 /* perform access checks. Use the root token in order to ensure that we
290 retreive the security descriptor */
292 if ( !(sec_desc
= svcctl_get_secdesc( p
->mem_ctx
, service
, get_root_nt_token() )) )
295 se_map_generic( &q_u
->access
, &svc_generic_map
);
296 status
= svcctl_access_check( sec_desc
, p
->pipe_user
.nt_user_token
, q_u
->access
, &access_granted
);
297 if ( !NT_STATUS_IS_OK(status
) )
298 return ntstatus_to_werror( status
);
300 return create_open_service_handle( p
, &r_u
->handle
, SVC_HANDLE_IS_SERVICE
, service
, access_granted
);
303 /********************************************************************
304 ********************************************************************/
306 WERROR
_svcctl_close_service(pipes_struct
*p
, SVCCTL_Q_CLOSE_SERVICE
*q_u
, SVCCTL_R_CLOSE_SERVICE
*r_u
)
308 return close_policy_hnd( p
, &q_u
->handle
) ? WERR_OK
: WERR_BADFID
;
311 /********************************************************************
312 ********************************************************************/
314 WERROR
_svcctl_get_display_name(pipes_struct
*p
, SVCCTL_Q_GET_DISPLAY_NAME
*q_u
, SVCCTL_R_GET_DISPLAY_NAME
*r_u
)
317 const char *display_name
;
318 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
320 /* can only use an SCM handle here */
322 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SCM
) )
325 rpcstr_pull(service
, q_u
->servicename
.buffer
, sizeof(service
), q_u
->servicename
.uni_str_len
*2, 0);
327 display_name
= svcctl_lookup_dispname( service
, p
->pipe_user
.nt_user_token
);
328 init_svcctl_r_get_display_name( r_u
, display_name
);
333 /********************************************************************
334 ********************************************************************/
336 WERROR
_svcctl_query_status(pipes_struct
*p
, SVCCTL_Q_QUERY_STATUS
*q_u
, SVCCTL_R_QUERY_STATUS
*r_u
)
338 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
340 /* perform access checks */
342 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
345 if ( !(info
->access_granted
& SC_RIGHT_SVC_QUERY_STATUS
) )
346 return WERR_ACCESS_DENIED
;
348 /* try the service specific status call */
350 return info
->ops
->service_status( info
->name
, &r_u
->svc_status
);
353 /********************************************************************
354 ********************************************************************/
356 static int enumerate_status( TALLOC_CTX
*ctx
, ENUM_SERVICES_STATUS
**status
, NT_USER_TOKEN
*token
)
358 int num_services
= 0;
360 ENUM_SERVICES_STATUS
*st
;
361 const char *display_name
;
364 while ( svcctl_ops
[num_services
].name
)
367 if ( !(st
= TALLOC_ARRAY( ctx
, ENUM_SERVICES_STATUS
, num_services
)) ) {
368 DEBUG(0,("enumerate_status: talloc() failed!\n"));
372 for ( i
=0; i
<num_services
; i
++ ) {
373 init_unistr( &st
[i
].servicename
, svcctl_ops
[i
].name
);
375 display_name
= svcctl_lookup_dispname( svcctl_ops
[i
].name
, token
);
376 init_unistr( &st
[i
].displayname
, display_name
);
378 svcctl_ops
[i
].ops
->service_status( svcctl_ops
[i
].name
, &st
[i
].status
);
386 /********************************************************************
387 ********************************************************************/
389 WERROR
_svcctl_enum_services_status(pipes_struct
*p
, SVCCTL_Q_ENUM_SERVICES_STATUS
*q_u
, SVCCTL_R_ENUM_SERVICES_STATUS
*r_u
)
391 ENUM_SERVICES_STATUS
*services
= NULL
;
394 size_t buffer_size
= 0;
395 WERROR result
= WERR_OK
;
396 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
397 NT_USER_TOKEN
*token
= p
->pipe_user
.nt_user_token
;
399 /* perform access checks */
401 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SCM
) )
404 if ( !(info
->access_granted
& SC_RIGHT_MGR_ENUMERATE_SERVICE
) )
405 return WERR_ACCESS_DENIED
;
407 if ( (num_services
= enumerate_status( p
->mem_ctx
, &services
, token
)) == -1 )
410 for ( i
=0; i
<num_services
; i
++ ) {
411 buffer_size
+= svcctl_sizeof_enum_services_status(&services
[i
]);
414 buffer_size
+= buffer_size
% 4;
416 if (buffer_size
> q_u
->buffer_size
) {
418 result
= WERR_MORE_DATA
;
421 rpcbuf_init(&r_u
->buffer
, q_u
->buffer_size
, p
->mem_ctx
);
423 if ( W_ERROR_IS_OK(result
) ) {
424 for ( i
=0; i
<num_services
; i
++ )
425 svcctl_io_enum_services_status( "", &services
[i
], &r_u
->buffer
, 0 );
428 r_u
->needed
= (buffer_size
> q_u
->buffer_size
) ? buffer_size
: q_u
->buffer_size
;
429 r_u
->returned
= num_services
;
431 if ( !(r_u
->resume
= TALLOC_P( p
->mem_ctx
, uint32
)) )
439 /********************************************************************
440 ********************************************************************/
442 WERROR
_svcctl_start_service(pipes_struct
*p
, SVCCTL_Q_START_SERVICE
*q_u
, SVCCTL_R_START_SERVICE
*r_u
)
444 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
446 /* perform access checks */
448 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
451 if ( !(info
->access_granted
& SC_RIGHT_SVC_START
) )
452 return WERR_ACCESS_DENIED
;
454 return info
->ops
->start_service( info
->name
);
457 /********************************************************************
458 ********************************************************************/
460 WERROR
_svcctl_control_service(pipes_struct
*p
, SVCCTL_Q_CONTROL_SERVICE
*q_u
, SVCCTL_R_CONTROL_SERVICE
*r_u
)
462 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
464 /* perform access checks */
466 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
469 switch ( q_u
->control
) {
470 case SVCCTL_CONTROL_STOP
:
471 if ( !(info
->access_granted
& SC_RIGHT_SVC_STOP
) )
472 return WERR_ACCESS_DENIED
;
474 return info
->ops
->stop_service( info
->name
, &r_u
->svc_status
);
476 case SVCCTL_CONTROL_INTERROGATE
:
477 if ( !(info
->access_granted
& SC_RIGHT_SVC_QUERY_STATUS
) )
478 return WERR_ACCESS_DENIED
;
480 return info
->ops
->service_status( info
->name
, &r_u
->svc_status
);
483 /* default control action */
485 return WERR_ACCESS_DENIED
;
488 /********************************************************************
489 ********************************************************************/
491 WERROR
_svcctl_enum_dependent_services( pipes_struct
*p
, SVCCTL_Q_ENUM_DEPENDENT_SERVICES
*q_u
, SVCCTL_R_ENUM_DEPENDENT_SERVICES
*r_u
)
493 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
495 /* perform access checks */
497 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
500 if ( !(info
->access_granted
& SC_RIGHT_SVC_ENUMERATE_DEPENDENTS
) )
501 return WERR_ACCESS_DENIED
;
503 /* we have to set the outgoing buffer size to the same as the
504 incoming buffer size (even in the case of failure */
506 rpcbuf_init( &r_u
->buffer
, q_u
->buffer_size
, p
->mem_ctx
);
508 r_u
->needed
= q_u
->buffer_size
;
510 /* no dependent services...basically a stub function */
516 /********************************************************************
517 ********************************************************************/
519 WERROR
_svcctl_query_service_status_ex( pipes_struct
*p
, SVCCTL_Q_QUERY_SERVICE_STATUSEX
*q_u
, SVCCTL_R_QUERY_SERVICE_STATUSEX
*r_u
)
521 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
524 /* perform access checks */
526 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
529 if ( !(info
->access_granted
& SC_RIGHT_SVC_QUERY_STATUS
) )
530 return WERR_ACCESS_DENIED
;
532 /* we have to set the outgoing buffer size to the same as the
533 incoming buffer size (even in the case of failure) */
535 rpcbuf_init( &r_u
->buffer
, q_u
->buffer_size
, p
->mem_ctx
);
536 r_u
->needed
= q_u
->buffer_size
;
538 switch ( q_u
->level
) {
539 case SVC_STATUS_PROCESS_INFO
:
541 SERVICE_STATUS_PROCESS svc_stat_proc
;
543 /* Get the status of the service.. */
544 info
->ops
->service_status( info
->name
, &svc_stat_proc
.status
);
545 svc_stat_proc
.process_id
= sys_getpid();
546 svc_stat_proc
.service_flags
= 0x0;
548 svcctl_io_service_status_process( "", &svc_stat_proc
, &r_u
->buffer
, 0 );
549 buffer_size
= sizeof(SERVICE_STATUS_PROCESS
);
554 return WERR_UNKNOWN_LEVEL
;
558 buffer_size
+= buffer_size
% 4;
559 r_u
->needed
= (buffer_size
> q_u
->buffer_size
) ? buffer_size
: q_u
->buffer_size
;
561 if (buffer_size
> q_u
->buffer_size
)
562 return WERR_MORE_DATA
;
567 /********************************************************************
568 ********************************************************************/
570 static WERROR
fill_svc_config( TALLOC_CTX
*ctx
, const char *name
, SERVICE_CONFIG
*config
, NT_USER_TOKEN
*token
)
575 /* retrieve the registry values for this service */
577 if ( !(values
= svcctl_fetch_regvalues( name
, token
)) )
578 return WERR_REG_CORRUPT
;
580 /* now fill in the individual values */
582 config
->displayname
= TALLOC_ZERO_P( ctx
, UNISTR2
);
583 if ( (val
= regval_ctr_getvalue( values
, "DisplayName" )) != NULL
)
584 init_unistr2( config
->displayname
, regval_sz( val
), UNI_STR_TERMINATE
);
586 init_unistr2( config
->displayname
, name
, UNI_STR_TERMINATE
);
588 if ( (val
= regval_ctr_getvalue( values
, "ObjectName" )) != NULL
) {
589 config
->startname
= TALLOC_ZERO_P( ctx
, UNISTR2
);
590 init_unistr2( config
->startname
, regval_sz( val
), UNI_STR_TERMINATE
);
593 if ( (val
= regval_ctr_getvalue( values
, "ImagePath" )) != NULL
) {
594 config
->executablepath
= TALLOC_ZERO_P( ctx
, UNISTR2
);
595 init_unistr2( config
->executablepath
, regval_sz( val
), UNI_STR_TERMINATE
);
598 /* a few hard coded values */
599 /* loadordergroup and dependencies are empty */
601 config
->tag_id
= 0x00000000; /* unassigned loadorder group */
602 config
->service_type
= SVCCTL_WIN32_OWN_PROC
;
603 config
->start_type
= SVCCTL_DEMAND_START
;
604 config
->error_control
= SVCCTL_SVC_ERROR_NORMAL
;
606 TALLOC_FREE( values
);
611 /********************************************************************
612 ********************************************************************/
614 WERROR
_svcctl_query_service_config( pipes_struct
*p
, SVCCTL_Q_QUERY_SERVICE_CONFIG
*q_u
, SVCCTL_R_QUERY_SERVICE_CONFIG
*r_u
)
616 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
620 /* perform access checks */
622 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
625 if ( !(info
->access_granted
& SC_RIGHT_SVC_QUERY_CONFIG
) )
626 return WERR_ACCESS_DENIED
;
628 /* we have to set the outgoing buffer size to the same as the
629 incoming buffer size (even in the case of failure */
631 r_u
->needed
= q_u
->buffer_size
;
633 wresult
= fill_svc_config( p
->mem_ctx
, info
->name
, &r_u
->config
, p
->pipe_user
.nt_user_token
);
634 if ( !W_ERROR_IS_OK(wresult
) )
637 buffer_size
= svcctl_sizeof_service_config( &r_u
->config
);
638 r_u
->needed
= (buffer_size
> q_u
->buffer_size
) ? buffer_size
: q_u
->buffer_size
;
640 if (buffer_size
> q_u
->buffer_size
) {
641 ZERO_STRUCTP( &r_u
->config
);
642 return WERR_INSUFFICIENT_BUFFER
;
648 /********************************************************************
649 ********************************************************************/
651 WERROR
_svcctl_query_service_config2( pipes_struct
*p
, SVCCTL_Q_QUERY_SERVICE_CONFIG2
*q_u
, SVCCTL_R_QUERY_SERVICE_CONFIG2
*r_u
)
653 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
656 /* perform access checks */
658 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SERVICE
) )
661 if ( !(info
->access_granted
& SC_RIGHT_SVC_QUERY_CONFIG
) )
662 return WERR_ACCESS_DENIED
;
664 /* we have to set the outgoing buffer size to the same as the
665 incoming buffer size (even in the case of failure */
667 rpcbuf_init( &r_u
->buffer
, q_u
->buffer_size
, p
->mem_ctx
);
668 r_u
->needed
= q_u
->buffer_size
;
670 switch ( q_u
->level
) {
671 case SERVICE_CONFIG_DESCRIPTION
:
673 SERVICE_DESCRIPTION desc_buf
;
674 const char *description
;
676 description
= svcctl_lookup_description( info
->name
, p
->pipe_user
.nt_user_token
);
678 ZERO_STRUCTP( &desc_buf
);
680 init_service_description_buffer( &desc_buf
, description
);
681 svcctl_io_service_description( "", &desc_buf
, &r_u
->buffer
, 0 );
682 buffer_size
= svcctl_sizeof_service_description( &desc_buf
);
687 case SERVICE_CONFIG_FAILURE_ACTIONS
:
689 SERVICE_FAILURE_ACTIONS actions
;
691 /* nothing to say...just service the request */
693 ZERO_STRUCTP( &actions
);
694 svcctl_io_service_fa( "", &actions
, &r_u
->buffer
, 0 );
695 buffer_size
= svcctl_sizeof_service_fa( &actions
);
702 return WERR_UNKNOWN_LEVEL
;
705 buffer_size
+= buffer_size
% 4;
706 r_u
->needed
= (buffer_size
> q_u
->buffer_size
) ? buffer_size
: q_u
->buffer_size
;
708 if (buffer_size
> q_u
->buffer_size
)
709 return WERR_INSUFFICIENT_BUFFER
;
714 /********************************************************************
715 ********************************************************************/
717 WERROR
_svcctl_lock_service_db( pipes_struct
*p
, SVCCTL_Q_LOCK_SERVICE_DB
*q_u
, SVCCTL_R_LOCK_SERVICE_DB
*r_u
)
719 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->handle
);
721 /* perform access checks */
723 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_SCM
) )
726 if ( !(info
->access_granted
& SC_RIGHT_MGR_LOCK
) )
727 return WERR_ACCESS_DENIED
;
729 /* Just open a handle. Doesn't actually lock anything */
731 return create_open_service_handle( p
, &r_u
->h_lock
, SVC_HANDLE_IS_DBLOCK
, NULL
, 0 );
735 /********************************************************************
736 ********************************************************************/
738 WERROR
_svcctl_unlock_service_db( pipes_struct
*p
, SVCCTL_Q_UNLOCK_SERVICE_DB
*q_u
, SVCCTL_R_UNLOCK_SERVICE_DB
*r_u
)
740 SERVICE_INFO
*info
= find_service_info_by_hnd( p
, &q_u
->h_lock
);
743 if ( !info
|| (info
->type
!= SVC_HANDLE_IS_DBLOCK
) )
746 return close_policy_hnd( p
, &q_u
->h_lock
) ? WERR_OK
: WERR_BADFID
;