From 60c211a3abd5eadb359db5f02941f32e2d881e52 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Mon, 3 May 1999 21:52:29 +0000 Subject: Added a new command to rpcclient: eventlog where is System, Security or Application. That's a crude equivalent to the eventviewer. Jean Francois (This used to be commit 66b4b896fbcabb964a427d0c0aa2f57997e0f6bb) --- source3/include/rpc_eventlog.h | 133 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 133 insertions(+) create mode 100644 source3/include/rpc_eventlog.h (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h new file mode 100644 index 0000000000..cc4d9fc62d --- /dev/null +++ b/source3/include/rpc_eventlog.h @@ -0,0 +1,133 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Interface header: Scheduler service + Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + Copyright (C) Andrew Tridgell 1992-1999 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#ifndef _RPC_EVENTLOG_H +#define _RPC_EVENTLOG_H + +#define EVENTLOG_OPEN 0x07 +#define EVENTLOG_CLOSE 0x02 +#define EVENTLOG_NUMOFEVENTLOGRECORDS 0x04 +#define EVENTLOG_READEVENTLOG 0x0a + +#define EVENTLOG_READ_SEQUENTIAL 0x01 +#define EVENTLOG_READ_SEEK 0x02 +#define EVENTLOG_READ_FORWARD 0x04 +#define EVENTLOG_READ_BACKWARD 0x08 + +#define EVENTLOG_OK 0X00 +#define EVENTLOG_ERROR 0x01 +#define EVENTLOG_WARNING 0x02 +#define EVENTLOG_INFORMATION 0x04 +#define EVENTLOG_AUDIT_OK 0x08 +#define EVENTLOG_AUDIT_ERROR 0x10 + +typedef struct eventlogrecord +{ + uint32 size; + uint32 reserved; + uint32 recordnumber; + uint32 creationtime; + uint32 writetime; + uint32 eventnumber; + uint16 eventtype; + uint16 num_of_strings; + uint16 category; + uint16 reserved_flag; + uint32 closingrecord; + uint32 stringoffset; + uint32 sid_length; + uint32 sid_offset; + uint32 data_length; + uint32 data_offset; + UNISTR sourcename; + UNISTR computername; + UNISTR sid; + UNISTR strings; + UNISTR data; + uint32 size2; +} EVENTLOGRECORD; + +typedef struct eventlog_q_open +{ + uint32 ptr0; + + uint16 unk0; + uint16 unk1; + uint16 unk2; + uint16 unk3; + + uint32 ptr_source; + + UNISTR2 source; + + uint32 unk4; + uint32 unk5; + uint32 unk6; + uint32 unk7; +} EVENTLOG_Q_OPEN; + +typedef struct eventlog_r_open +{ + POLICY_HND pol; + uint32 status; +} EVENTLOG_R_OPEN; + +typedef struct eventlog_q_close +{ + POLICY_HND pol; +} EVENTLOG_Q_CLOSE; + +typedef struct eventlog_r_close +{ + POLICY_HND pol; + uint32 status; +} EVENTLOG_R_CLOSE; + +typedef struct eventlog_q_numofeventlogrec +{ + POLICY_HND pol; +} EVENTLOG_Q_NUMOFEVENTLOGREC; + +typedef struct eventlog_r_numofeventlogrec +{ + uint32 number; + uint32 status; +} EVENTLOG_R_NUMOFEVENTLOGREC; + +typedef struct eventlog_q_readeventlog +{ + POLICY_HND pol; + uint32 flags; + uint32 offset; + uint32 number_of_bytes; +} EVENTLOG_Q_READEVENTLOG; + +typedef struct eventlog_r_readeventlog +{ + uint32 number_of_bytes; + EVENTLOGRECORD *event; + uint32 sent_size; + uint32 real_size; + uint32 status; +} EVENTLOG_R_READEVENTLOG; + +#endif /* _RPC_EVENTLOG_H */ -- cgit From d2d6144253da533fb2f47cae9e0ed008a167585b Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 18 Aug 1999 20:33:49 +0000 Subject: event log update, netsessenum, netconnenum update. (This used to be commit 819af560745b0bec7bfb9067dd9d9d6cfabb1555) --- source3/include/rpc_eventlog.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index cc4d9fc62d..14e5570c9b 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -72,23 +72,23 @@ typedef struct eventlog_q_open uint16 unk0; uint16 unk1; - uint16 unk2; - uint16 unk3; - uint32 ptr_source; - - UNISTR2 source; + UNIHDR hdr_source; + UNISTR2 uni_source; + + UNIHDR hdr_unk; + UNISTR2 uni_unk; - uint32 unk4; - uint32 unk5; uint32 unk6; uint32 unk7; + } EVENTLOG_Q_OPEN; typedef struct eventlog_r_open { POLICY_HND pol; uint32 status; + } EVENTLOG_R_OPEN; typedef struct eventlog_q_close -- cgit From 32a965e09ce4befe971855e11e1fb5ceb51a9ed1 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 13 Dec 1999 13:35:20 +0000 Subject: 2nd phase of head branch sync with SAMBA_2_0 - this delets all the files that were in the head branch but weren't in SAMBA_2_0 (This used to be commit d7b208786590b5a28618590172b8d523627dda09) --- source3/include/rpc_eventlog.h | 133 ----------------------------------------- 1 file changed, 133 deletions(-) delete mode 100644 source3/include/rpc_eventlog.h (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h deleted file mode 100644 index 14e5570c9b..0000000000 --- a/source3/include/rpc_eventlog.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - Interface header: Scheduler service - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 - Copyright (C) Andrew Tridgell 1992-1999 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _RPC_EVENTLOG_H -#define _RPC_EVENTLOG_H - -#define EVENTLOG_OPEN 0x07 -#define EVENTLOG_CLOSE 0x02 -#define EVENTLOG_NUMOFEVENTLOGRECORDS 0x04 -#define EVENTLOG_READEVENTLOG 0x0a - -#define EVENTLOG_READ_SEQUENTIAL 0x01 -#define EVENTLOG_READ_SEEK 0x02 -#define EVENTLOG_READ_FORWARD 0x04 -#define EVENTLOG_READ_BACKWARD 0x08 - -#define EVENTLOG_OK 0X00 -#define EVENTLOG_ERROR 0x01 -#define EVENTLOG_WARNING 0x02 -#define EVENTLOG_INFORMATION 0x04 -#define EVENTLOG_AUDIT_OK 0x08 -#define EVENTLOG_AUDIT_ERROR 0x10 - -typedef struct eventlogrecord -{ - uint32 size; - uint32 reserved; - uint32 recordnumber; - uint32 creationtime; - uint32 writetime; - uint32 eventnumber; - uint16 eventtype; - uint16 num_of_strings; - uint16 category; - uint16 reserved_flag; - uint32 closingrecord; - uint32 stringoffset; - uint32 sid_length; - uint32 sid_offset; - uint32 data_length; - uint32 data_offset; - UNISTR sourcename; - UNISTR computername; - UNISTR sid; - UNISTR strings; - UNISTR data; - uint32 size2; -} EVENTLOGRECORD; - -typedef struct eventlog_q_open -{ - uint32 ptr0; - - uint16 unk0; - uint16 unk1; - - UNIHDR hdr_source; - UNISTR2 uni_source; - - UNIHDR hdr_unk; - UNISTR2 uni_unk; - - uint32 unk6; - uint32 unk7; - -} EVENTLOG_Q_OPEN; - -typedef struct eventlog_r_open -{ - POLICY_HND pol; - uint32 status; - -} EVENTLOG_R_OPEN; - -typedef struct eventlog_q_close -{ - POLICY_HND pol; -} EVENTLOG_Q_CLOSE; - -typedef struct eventlog_r_close -{ - POLICY_HND pol; - uint32 status; -} EVENTLOG_R_CLOSE; - -typedef struct eventlog_q_numofeventlogrec -{ - POLICY_HND pol; -} EVENTLOG_Q_NUMOFEVENTLOGREC; - -typedef struct eventlog_r_numofeventlogrec -{ - uint32 number; - uint32 status; -} EVENTLOG_R_NUMOFEVENTLOGREC; - -typedef struct eventlog_q_readeventlog -{ - POLICY_HND pol; - uint32 flags; - uint32 offset; - uint32 number_of_bytes; -} EVENTLOG_Q_READEVENTLOG; - -typedef struct eventlog_r_readeventlog -{ - uint32 number_of_bytes; - EVENTLOGRECORD *event; - uint32 sent_size; - uint32 real_size; - uint32 status; -} EVENTLOG_R_READEVENTLOG; - -#endif /* _RPC_EVENTLOG_H */ -- cgit From 5d1cb8e79edea9e8581d3c2c9dd297310cd9a98c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 23 Mar 2005 23:26:33 +0000 Subject: r6014: rather large change set.... pulling back all recent rpc changes from trunk into 3.0. I've tested a compile and so don't think I've missed any files. But if so, just mail me and I'll clean backup in a couple of hours. Changes include \winreg, \eventlog, \svcctl, and general parse_misc.c updates. I am planning on bracketing the event code with an #ifdef ENABLE_EVENTLOG until I finish merging Marcin's changes (very soon). (This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221) --- source3/include/rpc_eventlog.h | 193 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 source3/include/rpc_eventlog.h (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h new file mode 100644 index 0000000000..b692a76225 --- /dev/null +++ b/source3/include/rpc_eventlog.h @@ -0,0 +1,193 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Copyright (C) Marcin Krzysztof Porwit 2005. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#ifndef _RPC_EVENTLOG_H /* _RPC_EVENTLOG_H */ +#define _RPC_EVENTLOG_H + +/* opcodes */ + +#define EVENTLOG_CLEAREVENTLOG 0x00 +#define EVENTLOG_CLOSEEVENTLOG 0x02 +#define EVENTLOG_GETNUMRECORDS 0x04 +#define EVENTLOG_GETOLDESTENTRY 0x05 +#define EVENTLOG_OPENEVENTLOG 0x07 +#define EVENTLOG_READEVENTLOG 0x0a + +/* Eventlog read flags */ + +#define EVENTLOG_SEQUENTIAL_READ 0x0001 +#define EVENTLOG_SEEK_READ 0x0002 +#define EVENTLOG_FORWARDS_READ 0x0004 +#define EVENTLOG_BACKWARDS_READ 0x0008 + +/* Event types */ + +#define EVENTLOG_SUCCESS 0x0000 +#define EVENTLOG_ERROR_TYPE 0x0001 +#define EVENTLOG_WARNING_TYPE 0x0002 +#define EVENTLOG_INFORMATION_TYPE 0x0004 +#define EVENTLOG_AUDIT_SUCCESS 0x0008 +#define EVENTLOG_AUDIT_FAILURE 0x0010 + + +typedef struct eventlog_q_open_eventlog +{ + uint32 unknown1; + uint16 unknown2; + uint16 unknown3; + uint16 sourcename_length; + uint16 sourcename_size; + uint32 sourcename_ptr; + UNISTR2 sourcename; + uint32 servername_ptr; + UNISTR2 servername; +} +EVENTLOG_Q_OPEN_EVENTLOG; + +typedef struct eventlog_r_open_eventlog +{ + POLICY_HND handle; + WERROR status; +} +EVENTLOG_R_OPEN_EVENTLOG; + +typedef struct eventlog_q_close_eventlog +{ + POLICY_HND handle; +} +EVENTLOG_Q_CLOSE_EVENTLOG; + +typedef struct eventlog_r_close_eventlog +{ + POLICY_HND handle; + WERROR status; +} +EVENTLOG_R_CLOSE_EVENTLOG; + +typedef struct eventlog_q_get_num_records +{ + POLICY_HND handle; +} +EVENTLOG_Q_GET_NUM_RECORDS; + +typedef struct eventlog_r_get_num_records +{ + uint32 num_records; + WERROR status; +} +EVENTLOG_R_GET_NUM_RECORDS; + +typedef struct eventlog_q_get_oldest_entry +{ + POLICY_HND handle; +} +EVENTLOG_Q_GET_OLDEST_ENTRY; + +typedef struct eventlog_r_get_oldest_entry +{ + uint32 oldest_entry; + WERROR status; +} +EVENTLOG_R_GET_OLDEST_ENTRY; + +typedef struct eventlog_q_read_eventlog +{ + POLICY_HND handle; + uint32 flags; + uint32 offset; + uint32 max_read_size; +} +EVENTLOG_Q_READ_EVENTLOG; + +typedef struct eventlog_record +{ + uint32 length; + uint32 reserved1; + uint32 record_number; + uint32 time_generated; + uint32 time_written; + uint32 event_id; + uint16 event_type; + uint16 num_strings; + uint16 event_category; + uint16 reserved2; + uint32 closing_record_number; + uint32 string_offset; + uint32 user_sid_length; + uint32 user_sid_offset; + uint32 data_length; + uint32 data_offset; +} Eventlog_record; + +typedef struct eventlog_data_record +{ + uint32 source_name_len; + wpstring source_name; + uint32 computer_name_len; + wpstring computer_name; + uint32 sid_padding; + wpstring sid; + uint32 strings_len; + wpstring strings; + uint32 user_data_len; + pstring user_data; + uint32 data_padding; +} Eventlog_data_record; + +typedef struct eventlog_entry +{ + Eventlog_record record; + Eventlog_data_record data_record; + uint8 *data; + uint8 *end_of_data_padding; + struct eventlog_entry *next; +} Eventlog_entry; + +typedef struct eventlog_r_read_eventlog +{ + uint32 num_bytes_in_resp; + uint32 bytes_in_next_record; + uint32 num_records; + Eventlog_entry *entry; + uint8 *end_of_entries_padding; + uint32 sent_size; + uint32 real_size; + WERROR status; +} +EVENTLOG_R_READ_EVENTLOG; + +typedef struct eventlog_q_clear_eventlog +{ + POLICY_HND handle; + uint32 unknown1; + uint16 backup_file_length; + uint16 backup_file_size; + uint32 backup_file_ptr; + UNISTR2 backup_file; +} +EVENTLOG_Q_CLEAR_EVENTLOG; + +typedef struct eventlog_r_clear_eventlog +{ + WERROR status; +} +EVENTLOG_R_CLEAR_EVENTLOG; + +#endif /* _RPC_EVENTLOG_H */ -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/include/rpc_eventlog.h | 124 +++++++++++++++++++---------------------- 1 file changed, 56 insertions(+), 68 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index b692a76225..7ce1199b21 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -47,77 +47,74 @@ #define EVENTLOG_AUDIT_FAILURE 0x0010 -typedef struct eventlog_q_open_eventlog -{ - uint32 unknown1; +/***********************************/ + +typedef struct { + uint16 unknown1; uint16 unknown2; - uint16 unknown3; - uint16 sourcename_length; - uint16 sourcename_size; - uint32 sourcename_ptr; - UNISTR2 sourcename; - uint32 servername_ptr; - UNISTR2 servername; -} -EVENTLOG_Q_OPEN_EVENTLOG; - -typedef struct eventlog_r_open_eventlog -{ +} EVENTLOG_OPEN_UNKNOWN0; + +typedef struct { + EVENTLOG_OPEN_UNKNOWN0 *unknown0; + UNISTR4 logname; + UNISTR4 servername; + uint32 unknown1; + uint32 unknown2; +} EVENTLOG_Q_OPEN_EVENTLOG; + +typedef struct { POLICY_HND handle; WERROR status; -} -EVENTLOG_R_OPEN_EVENTLOG; +} EVENTLOG_R_OPEN_EVENTLOG; -typedef struct eventlog_q_close_eventlog -{ + +/***********************************/ + +typedef struct { POLICY_HND handle; -} -EVENTLOG_Q_CLOSE_EVENTLOG; +} EVENTLOG_Q_CLOSE_EVENTLOG; -typedef struct eventlog_r_close_eventlog -{ +typedef struct { POLICY_HND handle; WERROR status; -} -EVENTLOG_R_CLOSE_EVENTLOG; +} EVENTLOG_R_CLOSE_EVENTLOG; -typedef struct eventlog_q_get_num_records -{ + +/***********************************/ + +typedef struct { POLICY_HND handle; -} -EVENTLOG_Q_GET_NUM_RECORDS; +} EVENTLOG_Q_GET_NUM_RECORDS; -typedef struct eventlog_r_get_num_records -{ +typedef struct { uint32 num_records; WERROR status; -} -EVENTLOG_R_GET_NUM_RECORDS; +} EVENTLOG_R_GET_NUM_RECORDS; -typedef struct eventlog_q_get_oldest_entry -{ + +/***********************************/ + +typedef struct { POLICY_HND handle; -} -EVENTLOG_Q_GET_OLDEST_ENTRY; +} EVENTLOG_Q_GET_OLDEST_ENTRY; -typedef struct eventlog_r_get_oldest_entry -{ +typedef struct { uint32 oldest_entry; WERROR status; -} -EVENTLOG_R_GET_OLDEST_ENTRY; +} EVENTLOG_R_GET_OLDEST_ENTRY; + -typedef struct eventlog_q_read_eventlog +/***********************************/ + +typedef struct { POLICY_HND handle; uint32 flags; uint32 offset; uint32 max_read_size; -} -EVENTLOG_Q_READ_EVENTLOG; +} EVENTLOG_Q_READ_EVENTLOG; -typedef struct eventlog_record -{ +typedef struct { uint32 length; uint32 reserved1; uint32 record_number; @@ -136,8 +133,7 @@ typedef struct eventlog_record uint32 data_offset; } Eventlog_record; -typedef struct eventlog_data_record -{ +typedef struct { uint32 source_name_len; wpstring source_name; uint32 computer_name_len; @@ -151,8 +147,7 @@ typedef struct eventlog_data_record uint32 data_padding; } Eventlog_data_record; -typedef struct eventlog_entry -{ +typedef struct eventlog_entry { Eventlog_record record; Eventlog_data_record data_record; uint8 *data; @@ -160,8 +155,7 @@ typedef struct eventlog_entry struct eventlog_entry *next; } Eventlog_entry; -typedef struct eventlog_r_read_eventlog -{ +typedef struct { uint32 num_bytes_in_resp; uint32 bytes_in_next_record; uint32 num_records; @@ -170,24 +164,18 @@ typedef struct eventlog_r_read_eventlog uint32 sent_size; uint32 real_size; WERROR status; -} -EVENTLOG_R_READ_EVENTLOG; +} EVENTLOG_R_READ_EVENTLOG; -typedef struct eventlog_q_clear_eventlog -{ + +/***********************************/ + +typedef struct { POLICY_HND handle; - uint32 unknown1; - uint16 backup_file_length; - uint16 backup_file_size; - uint32 backup_file_ptr; - UNISTR2 backup_file; -} -EVENTLOG_Q_CLEAR_EVENTLOG; - -typedef struct eventlog_r_clear_eventlog -{ + UNISTR4 backupfile; +} EVENTLOG_Q_CLEAR_EVENTLOG; + +typedef struct { WERROR status; -} -EVENTLOG_R_CLEAR_EVENTLOG; +} EVENTLOG_R_CLEAR_EVENTLOG; #endif /* _RPC_EVENTLOG_H */ -- cgit From 0bf72b6e330a76bee502cb36c1cb80c46d47d33c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 6 Oct 2005 17:48:03 +0000 Subject: r10781: merging eventlog and svcctl code from trunk (This used to be commit f10aa9fb84bfac4f1a22b74d63999668700ffaac) --- source3/include/rpc_eventlog.h | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 7ce1199b21..9f968fb54e 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -46,6 +46,14 @@ #define EVENTLOG_AUDIT_SUCCESS 0x0008 #define EVENTLOG_AUDIT_FAILURE 0x0010 +/* Defines for TDB keys */ +#define VN_oldest_entry "INFO/oldest_entry" +#define VN_next_record "INFO/next_record" +#define VN_version "INFO/version" +#define VN_maxsize "INFO/maxsize" +#define VN_retention "INFO/retention" + +#define EVENTLOG_DATABASE_VERSION_V1 1 /***********************************/ -- cgit From bb68761a500fc5d426c75e53700fa793e016135f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 14 Oct 2005 16:07:00 +0000 Subject: r11060: merging new eventlog code from trunk (This used to be commit 1bcf7e82ede63a851a244162a3b939373787b693) --- source3/include/rpc_eventlog.h | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 9f968fb54e..c94b2fa879 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -47,11 +47,15 @@ #define EVENTLOG_AUDIT_FAILURE 0x0010 /* Defines for TDB keys */ -#define VN_oldest_entry "INFO/oldest_entry" -#define VN_next_record "INFO/next_record" -#define VN_version "INFO/version" -#define VN_maxsize "INFO/maxsize" -#define VN_retention "INFO/retention" +#define EVT_OLDEST_ENTRY "INFO/oldest_entry" +#define EVT_NEXT_RECORD "INFO/next_record" +#define EVT_VERSION "INFO/version" +#define EVT_MAXSIZE "INFO/maxsize" +#define EVT_RETENTION "INFO/retention" + +#define ELOG_APPL "Application" +#define ELOG_SYS "System" +#define ELOG_SEC "Security" #define EVENTLOG_DATABASE_VERSION_V1 1 -- cgit From e1ffd2d612184fb1343cbe7e1d5d1aacebe0e8fa Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 27 Oct 2005 13:30:23 +0000 Subject: r11332: eventlog API uses NTSTATUS, not WERROR for return codes (This used to be commit f5f40633bc3f641a0fef4934375d0d829899b0d7) --- source3/include/rpc_eventlog.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index c94b2fa879..67e03edbc6 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -76,7 +76,7 @@ typedef struct { typedef struct { POLICY_HND handle; - WERROR status; + NTSTATUS status; } EVENTLOG_R_OPEN_EVENTLOG; @@ -88,7 +88,7 @@ typedef struct { typedef struct { POLICY_HND handle; - WERROR status; + NTSTATUS status; } EVENTLOG_R_CLOSE_EVENTLOG; @@ -100,7 +100,7 @@ typedef struct { typedef struct { uint32 num_records; - WERROR status; + NTSTATUS status; } EVENTLOG_R_GET_NUM_RECORDS; @@ -112,7 +112,7 @@ typedef struct { typedef struct { uint32 oldest_entry; - WERROR status; + NTSTATUS status; } EVENTLOG_R_GET_OLDEST_ENTRY; @@ -175,7 +175,7 @@ typedef struct { uint8 *end_of_entries_padding; uint32 sent_size; uint32 real_size; - WERROR status; + NTSTATUS status; } EVENTLOG_R_READ_EVENTLOG; @@ -187,7 +187,7 @@ typedef struct { } EVENTLOG_Q_CLEAR_EVENTLOG; typedef struct { - WERROR status; + NTSTATUS status; } EVENTLOG_R_CLEAR_EVENTLOG; #endif /* _RPC_EVENTLOG_H */ -- cgit From 5251618c7fff7635a4b64072f88eaf5e4e25761e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 17 Nov 2005 20:08:59 +0000 Subject: r11761: * fix clearing of event logs by truncating the tdb. This feature got broken in some of the other updates. Now each open handle stores an pointer to an open tdb data structure (not the tdb pointer itself). Clearing can be done with a simple elog_close_tdb( elog, True ) to force a close and then calling elog_open_tdb( logname, True ) to force an tdb truncate. Permissions on existing tdbs are maintained which is important. * We don't currently handle backup. Haven't looked at the format of a backuped up eventlog to know what the deal is. (This used to be commit 2df34c9403446d12f1ceeac38cbda5d3ba805b02) --- source3/include/rpc_eventlog.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 67e03edbc6..5bede97d1c 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -57,6 +57,16 @@ #define ELOG_SYS "System" #define ELOG_SEC "Security" +typedef struct elog_tdb { + struct elog_tdb *prev, *next; + char *name; + TDB_CONTEXT *tdb; + int ref_count; +} ELOG_TDB; + +#define ELOG_TDB_CTX(x) ((x)->tdb) + + #define EVENTLOG_DATABASE_VERSION_V1 1 /***********************************/ -- cgit From 738f168eccca161f2e2814f78338af36243210cc Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 18 Sep 2006 19:46:11 +0000 Subject: r18623: starting on eventlog IDL (This used to be commit 6cb7b6226da0b3060f4850fc2cc2ca82fbdcaa8f) --- source3/include/rpc_eventlog.h | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 5bede97d1c..94a5915292 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -31,20 +31,10 @@ #define EVENTLOG_READEVENTLOG 0x0a /* Eventlog read flags */ - -#define EVENTLOG_SEQUENTIAL_READ 0x0001 -#define EVENTLOG_SEEK_READ 0x0002 -#define EVENTLOG_FORWARDS_READ 0x0004 -#define EVENTLOG_BACKWARDS_READ 0x0008 +/* defined in librpc/gen_ndr/eventlog.h */ /* Event types */ - -#define EVENTLOG_SUCCESS 0x0000 -#define EVENTLOG_ERROR_TYPE 0x0001 -#define EVENTLOG_WARNING_TYPE 0x0002 -#define EVENTLOG_INFORMATION_TYPE 0x0004 -#define EVENTLOG_AUDIT_SUCCESS 0x0008 -#define EVENTLOG_AUDIT_FAILURE 0x0010 +/* defined in librpc/gen_ndr/eventlog.h */ /* Defines for TDB keys */ #define EVT_OLDEST_ENTRY "INFO/oldest_entry" -- cgit From 97a164ba96d48a81d5e24dda6b866a4d78ea1a78 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 31 May 2007 17:59:04 +0000 Subject: r23274: merge CloseEventlog() pidl conversion from 3.0.26 && fix a few init call renames for svcctl in the previous commit (This used to be commit ebcae48ec10fefa74efcc3563cff50e3b9c2388c) --- source3/include/rpc_eventlog.h | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 94a5915292..547568e93b 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -80,18 +80,6 @@ typedef struct { } EVENTLOG_R_OPEN_EVENTLOG; -/***********************************/ - -typedef struct { - POLICY_HND handle; -} EVENTLOG_Q_CLOSE_EVENTLOG; - -typedef struct { - POLICY_HND handle; - NTSTATUS status; -} EVENTLOG_R_CLOSE_EVENTLOG; - - /***********************************/ typedef struct { -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/include/rpc_eventlog.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 547568e93b..36ac08699d 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -5,7 +5,7 @@ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, -- cgit From 153cfb9c83534b09f15cc16205d7adb19b394928 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 05:23:25 +0000 Subject: r23801: The FSF has moved around a lot. This fixes their Mass Ave address. (This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227) --- source3/include/rpc_eventlog.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 36ac08699d..849c62b7b0 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -14,8 +14,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * along with this program; if not, see . */ #ifndef _RPC_EVENTLOG_H /* _RPC_EVENTLOG_H */ -- cgit From 3a452a15b7185dd4023c7dc8d44004c962f39d98 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 27 Nov 2007 11:22:58 -0800 Subject: Remove pstring from everything in rpc_server except srv_spoolss_nt.c and srv_srvsvc_nt.c. They're next :-). Jeremy. (This used to be commit 55b4f9d003b036af69085f7b64e0df08c5ba440d) --- source3/include/rpc_eventlog.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 849c62b7b0..9ec76a071c 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -134,15 +134,15 @@ typedef struct { typedef struct { uint32 source_name_len; - wpstring source_name; + smb_ucs2_t *source_name; uint32 computer_name_len; - wpstring computer_name; + smb_ucs2_t *computer_name; uint32 sid_padding; - wpstring sid; + smb_ucs2_t *sid; uint32 strings_len; - wpstring strings; + smb_ucs2_t *strings; uint32 user_data_len; - pstring user_data; + char *user_data; uint32 data_padding; } Eventlog_data_record; -- cgit From bea5ea5cad90e8a10ea5aadebf62f917faa60cf1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 4 Feb 2008 10:12:08 +0100 Subject: Remove unused marshalling for EVENTLOG_GET_NUM_RECORDS. Guenther (This used to be commit 0c8e0916d7a7a403255c814536f1ebde3c5c9905) --- source3/include/rpc_eventlog.h | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 9ec76a071c..9789d26845 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -79,18 +79,6 @@ typedef struct { } EVENTLOG_R_OPEN_EVENTLOG; -/***********************************/ - -typedef struct { - POLICY_HND handle; -} EVENTLOG_Q_GET_NUM_RECORDS; - -typedef struct { - uint32 num_records; - NTSTATUS status; -} EVENTLOG_R_GET_NUM_RECORDS; - - /***********************************/ typedef struct { -- cgit From 2432628b141607c6edc66974cfec178a4d842989 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 4 Feb 2008 10:45:50 +0100 Subject: Remove unused marshalling for EVENTLOG_GET_OLDEST_ENTRY. Guenther (This used to be commit f837fff80ef369133761f7a33a616fd4721c5a68) --- source3/include/rpc_eventlog.h | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 9789d26845..df17159eac 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -79,18 +79,6 @@ typedef struct { } EVENTLOG_R_OPEN_EVENTLOG; -/***********************************/ - -typedef struct { - POLICY_HND handle; -} EVENTLOG_Q_GET_OLDEST_ENTRY; - -typedef struct { - uint32 oldest_entry; - NTSTATUS status; -} EVENTLOG_R_GET_OLDEST_ENTRY; - - /***********************************/ typedef struct -- cgit From 2fd872fea7576497a24c1d981f3253dc3f042a04 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 4 Feb 2008 10:56:16 +0100 Subject: Remove unused marshalling for EVENTLOG_CLEAR_EVENTLOG. Guenther (This used to be commit badbdf1b88b270d298d44ed6fddb0c31fbcb3717) --- source3/include/rpc_eventlog.h | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index df17159eac..6b07b82daf 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -141,16 +141,4 @@ typedef struct { NTSTATUS status; } EVENTLOG_R_READ_EVENTLOG; - -/***********************************/ - -typedef struct { - POLICY_HND handle; - UNISTR4 backupfile; -} EVENTLOG_Q_CLEAR_EVENTLOG; - -typedef struct { - NTSTATUS status; -} EVENTLOG_R_CLEAR_EVENTLOG; - #endif /* _RPC_EVENTLOG_H */ -- cgit From 639c7fc8becfedba1198d1f4325ab2482ea2ee9d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 4 Feb 2008 11:10:53 +0100 Subject: Remove unused marshalling for EVENTLOG_OPEN_EVENTLOG. Guenther (This used to be commit 15d22925def45f1f8cd2d356a7f580fb4bfd05ef) --- source3/include/rpc_eventlog.h | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'source3/include/rpc_eventlog.h') diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 6b07b82daf..3f5d03ed63 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -58,27 +58,6 @@ typedef struct elog_tdb { #define EVENTLOG_DATABASE_VERSION_V1 1 -/***********************************/ - -typedef struct { - uint16 unknown1; - uint16 unknown2; -} EVENTLOG_OPEN_UNKNOWN0; - -typedef struct { - EVENTLOG_OPEN_UNKNOWN0 *unknown0; - UNISTR4 logname; - UNISTR4 servername; - uint32 unknown1; - uint32 unknown2; -} EVENTLOG_Q_OPEN_EVENTLOG; - -typedef struct { - POLICY_HND handle; - NTSTATUS status; -} EVENTLOG_R_OPEN_EVENTLOG; - - /***********************************/ typedef struct -- cgit