diff options
author | Richard Sharpe <sharpe@samba.org> | 2002-11-01 07:43:54 +0000 |
---|---|---|
committer | Richard Sharpe <sharpe@samba.org> | 2002-11-01 07:43:54 +0000 |
commit | cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6 (patch) | |
tree | 70e2dd1529982f978d40af7f3873ee3182b2633c | |
parent | a71b29ad8e7895326ed65c2566bc20af738832b5 (diff) | |
download | samba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.tar.gz samba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.tar.bz2 samba-cbb4ccdaea5a44f4fc918011b66e78cd27faf5f6.zip |
Add more. Parse SIDs on the command line ... soon will actually mod the
SecDescs in the NTUSER.DAT ...
(This used to be commit dbc608ba7e591175cd02f4adfdcfecd1350526a5)
-rw-r--r-- | source3/utils/profiles.c | 99 |
1 files changed, 88 insertions, 11 deletions
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c index e5c00cf6e4..d12ddbe331 100644 --- a/source3/utils/profiles.c +++ b/source3/utils/profiles.c @@ -391,6 +391,8 @@ typedef struct acl_struct { #define OFF(f) (0x1000 + (f) + 4) +void print_sid(DOM_SID *sid); + /* Compare two SIDs for equality */ int compare_sid(DOM_SID *s1, DOM_SID *s2) { @@ -407,6 +409,45 @@ int compare_sid(DOM_SID *s1, DOM_SID *s2) } +/* + * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and + * construct a DOM_SID + */ +int get_sid(DOM_SID *sid, char *sid_str) +{ + int i = 0, auth; + char *lstr; + + if (strncmp(sid_str, "S-1-5", 5)) { + fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str); + return 0; + } + + /* We only allow strings of form S-1-5... */ + + sid->sid_rev_num = 1; + sid->id_auth[5] = 5; + + lstr = sid_str + 5; + + while (1) { + if (!lstr || !lstr[0] || sscanf(lstr, "-%d", &auth) == 0) { + if (i < 4) { + fprintf(stderr, "Not of form -d-d...: %s, %u\n", lstr, i); + return 0; + } + sid->num_auths=i; + print_sid(sid); + return 1; + } + + sid->sub_auths[i++] = auth; + lstr = strchr(lstr + 1, '-'); + } + + return 1; +} + /* * Replace SID1, component by component with SID2 * Assumes will never be called with unequal length SIDS @@ -449,12 +490,12 @@ void print_acl(ACL *acl, char *prefix) } } -void usage(void) +void usage(voi) { fprintf(stderr, "usage: profiles [-c <OLD-SID> -n <NEW-SID>] <profilefile>\n"); fprintf(stderr, "Version: %s\n", VERSION); - fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid provides SID to change"); - fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid provides SID to change to"); + fprintf(stderr, "\n\t-c S-1-5-21-z-y-x-oldrid - provides SID to change"); + fprintf(stderr, "\n\t-n S-1-5-21-a-b-c-newrid - provides SID to change to"); fprintf(stderr, "\n\t\tBoth must be present if the other is."); fprintf(stderr, "\n\t\tIf neither present, just report the SIDs found\n"); } @@ -463,7 +504,10 @@ DOM_SID old_sid, new_sid; int main(int argc, char *argv[]) { - int i, fd, aces, start = 0; + extern char *optarg; + extern int optind; + int opt; + int i, fd, aces, start = 0, change = 0, new = 0; int verbose = 0; int process_sids = 0; void *base; @@ -486,16 +530,49 @@ int main(int argc, char *argv[]) * Now, process the arguments */ - fd = open(argv[1], O_RDWR, 0000); + while ((opt = getopt(argc, argv, "c:n:")) != EOF) { + switch (opt) { + case 'c': + change = 1; + if (!get_sid(&old_sid, optarg)) { + fprintf(stderr, "Argument to -c should be a SID in form of S-1-5-...\n"); + usage(); + exit(254); + } + break; + + case 'n': + new = 1; + if (!get_sid(&new_sid, optarg)) { + fprintf(stderr, "Argument to -n should be a SID in form of S-1-5-...\n"); + usage(); + exit(253); + } + + break; + + default: + usage(); + exit(255); + } + } + + if ((!change & new) || (change & !new)) { + fprintf(stderr, "You must specify both -c and -n if one or the other is set!\n"); + usage(); + exit(252); + } + + fd = open(argv[optind], O_RDWR, 0000); if (fd < 0) { - fprintf(stderr, "Could not open %s: %s\n", argv[1], + fprintf(stderr, "Could not open %s: %s\n", argv[optind], strerror(errno)); exit(2); } if (fstat(fd, &sbuf) < 0) { - fprintf(stderr, "Could not stat file %s, %s\n", argv[1], + fprintf(stderr, "Could not stat file %s, %s\n", argv[optind], strerror(errno)); exit(3); } @@ -508,7 +585,7 @@ int main(int argc, char *argv[]) base = mmap(&start, sbuf.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); if ((int)base == -1) { - fprintf(stderr, "Could not mmap file: %s, %s\n", argv[1], + fprintf(stderr, "Could not mmap file: %s, %s\n", argv[optind], strerror(errno)); exit(4); } @@ -518,7 +595,7 @@ int main(int argc, char *argv[]) if (verbose) fprintf(stdout, "Registry file size: %u\n", sbuf.st_size); if (regf_hdr->REGF_ID != REG_REGF_ID) { - fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[1]); + fprintf(stderr, "Incorrect Registry file (doesn't have header ID): %s\n", argv[optind]); exit(5); } @@ -532,7 +609,7 @@ int main(int argc, char *argv[]) */ if (hbin_hdr->HBIN_ID != REG_HBIN_ID) { - fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[1]); + fprintf(stderr, "Incorrect hbin hdr: %s\n", argv[optind]); exit(6); } @@ -542,7 +619,7 @@ int main(int argc, char *argv[]) nk_hdr = (NK_HDR *)(base + 0x1000 + regf_hdr->first_key + 4); if (nk_hdr->NK_ID != REG_NK_ID) { - fprintf(stderr, "Incorrect NK Header: %s\n", argv[1]); + fprintf(stderr, "Incorrect NK Header: %s\n", argv[optind]); exit(7); } |