diff options
Diffstat (limited to 'source3/utils/net_rpc_audit.c')
-rw-r--r-- | source3/utils/net_rpc_audit.c | 182 |
1 files changed, 92 insertions, 90 deletions
diff --git a/source3/utils/net_rpc_audit.c b/source3/utils/net_rpc_audit.c index b7fda2b8e3..50bd555f16 100644 --- a/source3/utils/net_rpc_audit.c +++ b/source3/utils/net_rpc_audit.c @@ -1,21 +1,21 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility +/* + Samba Unix/Linux SMB client library + Distributed SMB/CIFS Server Management Utility Copyright (C) 2006 Guenther Deschner This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ - + #include "includes.h" #include "utils/net.h" @@ -54,29 +54,26 @@ static void print_auditing_category(const char *policy, const char *value) pad_len = col_len - strlen(policy); padding[pad_len] = 0; do padding[--pad_len] = ' '; while (pad_len > 0); - + d_printf("\t%s%s%s\n", policy, padding, value); } - /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; + union lsa_PolicyInformation info; int i; - - uint32 info_class = 2; - uint32 audit_category; + uint32_t audit_category; if (argc < 1 || argc > 2) { d_printf("insufficient arguments\n"); @@ -89,7 +86,7 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, return NT_STATUS_INVALID_PARAMETER; } - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -97,15 +94,16 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - for (i=0; i < dom.info.id2.count1; i++) { + for (i=0; i < info.audit_events.count; i++) { const char *val = NULL, *policy = NULL; @@ -113,14 +111,15 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, continue; } - val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); + val = audit_policy_str(mem_ctx, info.audit_events.settings[i]); policy = audit_description_str(i); print_auditing_category(policy, val); } done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to get auditing policy: %s\n", nt_errstr(result)); + d_printf("failed to get auditing policy: %s\n", + nt_errstr(result)); } return result; @@ -130,19 +129,17 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, ********************************************************************/ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; - - uint32 info_class = 2; - uint32 audit_policy, audit_category; + union lsa_PolicyInformation info; + uint32_t audit_policy, audit_category; if (argc < 2 || argc > 3) { d_printf("insufficient arguments\n"); @@ -170,7 +167,7 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, return NT_STATUS_INVALID_PARAMETER; } - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -178,29 +175,32 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - dom.info.id2.auditsettings[audit_category] = audit_policy; + info.audit_events.settings[audit_category] = audit_policy; + + result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); - result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, - info_class, - dom); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); { - const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[audit_category]); + const char *val = audit_policy_str(mem_ctx, info.audit_events.settings[audit_category]); const char *policy = audit_description_str(audit_category); print_auditing_category(policy, val); } @@ -209,11 +209,14 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, if (!NT_STATUS_IS_OK(result)) { d_printf("failed to set audit policy: %s\n", nt_errstr(result)); } - + return result; } -static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv, @@ -221,11 +224,9 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; - - uint32 info_class = 2; + union lsa_PolicyInformation info; - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -233,19 +234,20 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - dom.info.id2.auditing_enabled = enable; + info.audit_events.auditing_mode = enable; - result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, - info_class, - dom); + result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -253,59 +255,60 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to %s audit policy: %s\n", enable ? "enable":"disable", - nt_errstr(result)); + d_printf("failed to %s audit policy: %s\n", + enable ? "enable":"disable", nt_errstr(result)); } return result; } + /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_disable_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { - return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, False); + return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, + false); } /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_enable_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { - return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, True); + return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, + true); } /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_list_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; + union lsa_PolicyInformation info; int i; - uint32 info_class = 2; - - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -313,53 +316,52 @@ static NTSTATUS rpc_audit_list_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } printf("Auditing:\t\t"); - switch (dom.info.id2.auditing_enabled) { - case True: + switch (info.audit_events.auditing_mode) { + case true: printf("Enabled"); break; - case False: + case false: printf("Disabled"); break; default: - printf("unknown (%d)", dom.info.id2.auditing_enabled); + printf("unknown (%d)", info.audit_events.auditing_mode); break; } printf("\n"); - printf("Auditing categories:\t%d\n", dom.info.id2.count1); + printf("Auditing categories:\t%d\n", info.audit_events.count); printf("Auditing settings:\n"); - for (i=0; i < dom.info.id2.count1; i++) { - const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); + for (i=0; i < info.audit_events.count; i++) { + const char *val = audit_policy_str(mem_ctx, info.audit_events.settings[i]); const char *policy = audit_description_str(i); print_auditing_category(policy, val); } done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to list auditing policies: %s\n", nt_errstr(result)); + d_printf("failed to list auditing policies: %s\n", + nt_errstr(result)); } return result; } - - /******************************************************************** ********************************************************************/ static int rpc_audit_get(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_get_internal, argc, argv); } @@ -368,7 +370,7 @@ static int rpc_audit_get(int argc, const char **argv) static int rpc_audit_set(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_set_internal, argc, argv); } @@ -377,7 +379,7 @@ static int rpc_audit_set(int argc, const char **argv) static int rpc_audit_enable(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_enable_internal, argc, argv); } @@ -386,7 +388,7 @@ static int rpc_audit_enable(int argc, const char **argv) static int rpc_audit_disable(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_disable_internal, argc, argv); } @@ -395,14 +397,14 @@ static int rpc_audit_disable(int argc, const char **argv) static int rpc_audit_list(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_list_internal, argc, argv); } /******************************************************************** ********************************************************************/ -int net_rpc_audit(int argc, const char **argv) +int net_rpc_audit(int argc, const char **argv) { struct functable func[] = { {"get", rpc_audit_get}, @@ -412,9 +414,9 @@ int net_rpc_audit(int argc, const char **argv) {"list", rpc_audit_list}, {NULL, NULL} }; - + if (argc) return net_run_function(argc, argv, func, net_help_audit); - + return net_help_audit(argc, argv); } |