summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Sharpe <sharpe@samba.org>2002-11-01 07:43:54 +0000
committerRichard Sharpe <sharpe@samba.org>2002-11-01 07:43:54 +0000
commitcbb4ccdaea5a44f4fc918011b66e78cd27faf5f6 (patch)
tree70e2dd1529982f978d40af7f3873ee3182b2633c
parenta71b29ad8e7895326ed65c2566bc20af738832b5 (diff)
downloadsamba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.tar.gz
samba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.tar.bz2
samba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.zip
Add more. Parse SIDs on the command line ... soon will actually mod the
SecDescs in the NTUSER.DAT ... (This used to be commit dbc608ba7e591175cd02f4adfdcfecd1350526a5)
-rw-r--r--source3/utils/profiles.c99
1 files changed, 88 insertions, 11 deletions
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c
index e5c00cf6e4..d12ddbe331 100644
--- a/source3/utils/profiles.c
+++ b/source3/utils/profiles.c
@@ -391,6 +391,8 @@ typedef struct acl_struct {
#define OFF(f) (0x1000 + (f) + 4)
+void print_sid(DOM_SID *sid);
+
/* Compare two SIDs for equality */
int compare_sid(DOM_SID *s1, DOM_SID *s2)
{
@@ -407,6 +409,45 @@ int compare_sid(DOM_SID *s1, DOM_SID *s2)
}
+/*
+ * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and
+ * construct a DOM_SID
+ */
+int get_sid(DOM_SID *sid, char *sid_str)
+{
+ int i = 0, auth;
+ char *lstr;
+
+ if (strncmp(sid_str, "S-1-5", 5)) {
+ fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str);
+ return 0;
+ }
+
+ /* We only allow strings of form S-1-5... */
+
+ sid->sid_rev_num = 1;
+ sid->id_auth[5] = 5;
+
+ lstr = sid_str + 5;
+
+ while (1) {
+ if (!lstr || !lstr[0] || sscanf(lstr, "-%d", &auth) == 0) {
+ if (i < 4) {
+ fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i);
+ return 0;
+ }
+ sid->num_auths=i;
+ print_sid(sid);
+ return 1;
+ }
+
+ sid->sub_auths[i++] = auth;
+ lstr = strchr(lstr + 1, '-');
+ }
+
+ return 1;
+}
+
/*
* Replace SID1, component by component with SID2
* Assumes will never be called with unequal length SIDS
@@ -449,12 +490,12 @@ void print_acl(ACL *acl, char *prefix)
}
}
-void usage(void)
+void usage(voi)
{
fprintf(stderr, "usage: profiles [-c <OLD-SID> -n <NEW-SID>] <profilefile>\n");
fprintf(stderr, "Version: %s\n", VERSION);
- fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid provides SID to change");
- fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid provides SID to change to");
+ fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change");
+ fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to");
fprintf(stderr, "\n\t\tBoth must be present if the other is.");
fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n");
}
@@ -463,7 +504,10 @@ DOM_SID old_sid, new_sid;
int main(int argc, char *argv[])
{
- int i, fd, aces, start = 0;
+ extern char *optarg;
+ extern int optind;
+ int opt;
+ int i, fd, aces, start = 0, change = 0, new = 0;
int verbose = 0;
int process_sids = 0;
void *base;
@@ -486,16 +530,49 @@ int main(int argc, char *argv[])
* Now, process the arguments
*/
- fd = open(argv[1], O_RDWR, 0000);
+ while ((opt = getopt(argc, argv, "c:n:")) != EOF) {
+ switch (opt) {
+ case 'c':
+ change = 1;
+ if (!get_sid(&old_sid, optarg)) {
+ fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n");
+ usage();
+ exit(254);
+ }
+ break;
+
+ case 'n':
+ new = 1;
+ if (!get_sid(&new_sid, optarg)) {
+ fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n");
+ usage();
+ exit(253);
+ }
+
+ break;
+
+ default:
+ usage();
+ exit(255);
+ }
+ }
+
+ if ((!change & new) || (change & !new)) {
+ fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n");
+ usage();
+ exit(252);
+ }
+
+ fd = open(argv[optind], O_RDWR, 0000);
if (fd < 0) {
- fprintf(stderr, "Could not open %s: %s\n", argv[1],
+ fprintf(stderr, "Could not open %s: %s\n", argv[optind],
strerror(errno));
exit(2);
}
if (fstat(fd, &sbuf) < 0) {
- fprintf(stderr, "Could not stat file %s, %s\n", argv[1],
+ fprintf(stderr, "Could not stat file %s, %s\n", argv[optind],
strerror(errno));
exit(3);
}
@@ -508,7 +585,7 @@ int main(int argc, char *argv[])
base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
if ((int)base == -1) {
- fprintf(stderr, "Could not mmap file: %s, %s\n", argv[1],
+ fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind],
strerror(errno));
exit(4);
}
@@ -518,7 +595,7 @@ int main(int argc, char *argv[])
if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size);
if (regf_hdr->REGF_ID != REG_REGF_ID) {
- fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[1]);
+ fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]);
exit(5);
}
@@ -532,7 +609,7 @@ int main(int argc, char *argv[])
*/
if (hbin_hdr->HBIN_ID != REG_HBIN_ID) {
- fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[1]);
+ fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]);
exit(6);
}
@@ -542,7 +619,7 @@ int main(int argc, char *argv[])
nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4);
if (nk_hdr->NK_ID != REG_NK_ID) {
- fprintf(stderr, "Incorrect NK Header: %s\n", argv[1]);
+ fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]);
exit(7);
}