From e7a1a0ead2013464dc8204e5b997ddc3ae46e973 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 13 Jan 2006 20:24:50 +0000 Subject: r12914: adding query/set ops for security descriptors on services. (This used to be commit cefd2d7cb6140b068d66e2383e9acfa4c3c4b4c7) --- source3/services/services_db.c | 47 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) (limited to 'source3/services') diff --git a/source3/services/services_db.c b/source3/services/services_db.c index b3ba7fcc96..a16657c0ed 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -519,6 +519,53 @@ SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN * return ret_sd; } +/******************************************************************** + Wrapper to make storing a Service sd easier +********************************************************************/ + +BOOL svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, SEC_DESC *sec_desc, NT_USER_TOKEN *token ) +{ + REGISTRY_KEY *key; + WERROR wresult; + pstring path; + REGVAL_CTR *values; + prs_struct ps; + BOOL ret = False; + + /* now add the security descriptor */ + + pstr_sprintf( path, "%s\\%s\\%s", KEY_SERVICES, name, "Security" ); + wresult = regkey_open_internal( &key, path, token, REG_KEY_ALL ); + if ( !W_ERROR_IS_OK(wresult) ) { + DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n", + path, dos_errstr(wresult))); + return False; + } + + if ( !(values = TALLOC_ZERO_P( key, REGVAL_CTR )) ) { + DEBUG(0,("add_new_svc_name: talloc() failed!\n")); + regkey_close_internal( key ); + return False; + } + + /* stream the printer security descriptor */ + + prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key, MARSHALL); + + if ( sec_io_desc("sec_desc", &sec_desc, &ps, 0 ) ) { + uint32 offset = prs_offset( &ps ); + regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset ); + ret = store_reg_values( key, values ); + } + + /* cleanup */ + + prs_mem_free( &ps ); + regkey_close_internal( key); + + return ret; +} + /******************************************************************** ********************************************************************/ -- cgit