Mercurial > trustbridge
annotate common/util.c @ 1332:8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
If the lock on the lockfile can be aquired it might still be
possible that another process is running. So we read the
pid from the lockfile and check if another process with the
same installation prefix as us is running.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Wed, 15 Oct 2014 14:19:46 +0200 |
| parents | 2bacaec6e101 |
| children | b90df38bb6dc |
| rev | line source |
|---|---|
| 404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
| 2 * Software engineering by Intevation GmbH | |
| 3 * | |
| 4 * This file is Free Software under the GNU GPL (v>=2) | |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | |
| 6 * See LICENSE.txt for details. | |
| 7 */ | |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #include "util.h" |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
9 #include "logging.h" |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
10 #include "strhelp.h" |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
11 |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
12 #ifndef _WIN32 |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
13 #include <unistd.h> |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
14 #include <sys/types.h> |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
15 #include <pwd.h> |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
16 #include <grp.h> |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
17 #include <string.h> |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
18 #else |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
19 #include <winsafer.h> |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
20 #include <windows.h> |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
21 #include <accctrl.h> |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
22 #include <aclapi.h> |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
23 #include <shlobj.h> |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
24 #endif |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
25 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
26 #ifndef APPNAME |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
27 #define APPNAME "TrustBridge" |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
28 #endif |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
29 |
|
671
d4766b4922c9
Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
30 #ifdef WIN32 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
31 char* |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
32 read_registry_string (const HKEY root, const wchar_t *key, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
33 const wchar_t *name) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
34 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
35 HKEY key_handle = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
36 DWORD size = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
37 type = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
38 ex_size = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
39 dwRet = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
40 LONG ret = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
41 char *retval = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
42 wchar_t *buf = NULL, |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
43 *ex_buf = NULL; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
44 if (root == NULL || key == NULL || name == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
45 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
46 ERRORPRINTF ("Invalid call to read_registry_string"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
47 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
48 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
49 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
50 ret = RegOpenKeyExW (root, key, 0, KEY_READ, &key_handle); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
51 if (ret != ERROR_SUCCESS) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
52 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
53 ERRORPRINTF ("Failed to open key."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
54 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
55 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
56 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
57 /* Get the size */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
58 ret = RegQueryValueExW (key_handle, name, 0, NULL, NULL, &size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
59 if (ret != ERROR_MORE_DATA && !(ret == ERROR_SUCCESS && size != 0)) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
60 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
61 ERRORPRINTF ("Failed to get required registry size."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
62 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
63 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
64 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
65 /* Size is size in bytes not in characters */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
66 buf = xmalloc (size + sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
67 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
68 /* If the stored value is not zero terminated the returned value also |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
69 is not zero terminated. That's why we reserve more and ensure it's |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
70 initialized. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
71 memset (buf, 0, size + sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
72 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
73 ret = RegQueryValueExW (key_handle, name, 0, &type, (LPBYTE) buf, &size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
74 if (ret != ERROR_SUCCESS) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
75 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
76 ERRORPRINTF ("Failed get registry value."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
77 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
78 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
79 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
80 if (type == REG_SZ || (type == REG_EXPAND_SZ && wcschr (buf, '%') == NULL)) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
81 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
82 /* Nothing to expand, we are done */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
83 retval = wchar_to_utf8 (buf, wcslen (buf)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
84 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
85 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
86 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
87 if (type != REG_EXPAND_SZ) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
88 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
89 ERRORPRINTF ("Unhandled registry type %i", type); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
90 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
91 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
92 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
93 /* Expand the registry string */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
94 ex_size = ExpandEnvironmentStringsW (buf, NULL, 0); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
95 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
96 if (ex_size == 0) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
97 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
98 PRINTLASTERROR ("Failed to determine expanded environment size."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
99 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
100 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
101 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
102 ex_buf = xmalloc ((ex_size + 1) * sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
103 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
104 dwRet = ExpandEnvironmentStringsW (buf, ex_buf, ex_size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
105 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
106 ex_buf[ex_size] = '\0'; /* Make sure it's a string */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
107 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
108 if (dwRet == 0 || dwRet != ex_size) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
109 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
110 PRINTLASTERROR ("Failed to expand environment variables."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
111 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
112 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
113 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
114 retval = wchar_to_utf8 (ex_buf, ex_size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
115 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
116 done: |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
117 xfree (ex_buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
118 xfree (buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
119 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
120 RegCloseKey (key_handle); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
121 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
122 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
123 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
124 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
125 /** @brief Compare two paths for equality based on the filename. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
126 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
127 * Expand the paths by using GetFullPathName and do a string |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
128 * comparison on the result to check for equality. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
129 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
130 * To be sure if it is really the same file it would be better |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
131 * to open the files and compare the serial number but this |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
132 * suffices for checks that only impact on the options presented |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
133 * to the user (try a system wide installation or not) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
134 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
135 * If one file does not exist the function returns false. If |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
136 * The path is longer then MAX_PATH this function also returns |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
137 * false. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
138 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
139 * @param [in] path1 first path to compare |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
140 * @paran [in] path2 first path to compare |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
141 * @returns true if the paths are the same. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
142 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
143 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
144 paths_equal (const char *path1, const char *path2) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
145 { |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
146 bool ret = false; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
147 wchar_t buf1[MAX_PATH], |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
148 buf2[MAX_PATH]; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
149 wchar_t *wpath1 = NULL, |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
150 *wpath2 = NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
151 DWORD retval = 0; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
152 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
153 if (!path1 || !path2) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
154 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
155 return false; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
156 } |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
157 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
158 wpath1 = utf8_to_wchar(path1, strnlen(path1, MAX_PATH)); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
159 wpath2 = utf8_to_wchar(path2, strnlen(path2, MAX_PATH)); |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
160 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
161 if (wpath1 == NULL || wpath2 == NULL) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
162 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
163 ERRORPRINTF ("Failed to convert paths to wchar."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
164 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
165 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
166 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
167 retval = GetFullPathNameW (wpath1, MAX_PATH, buf1, NULL); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
168 if (retval >= MAX_PATH || retval != wcsnlen (buf1, MAX_PATH)) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
169 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
170 ERRORPRINTF ("Path1 too long."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
171 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
172 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
173 if (retval == 0) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
174 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
175 PRINTLASTERROR ("Failed to get Full Path name."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
176 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
177 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
178 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
179 retval = GetFullPathNameW (wpath2, MAX_PATH, buf2, NULL); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
180 if (retval >= MAX_PATH || retval != wcsnlen (buf2, MAX_PATH)) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
181 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
182 ERRORPRINTF ("Path2 too long."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
183 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
184 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
185 if (retval == 0) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
186 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
187 PRINTLASTERROR ("Failed to get Full Path name."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
188 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
189 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
190 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
191 ret = wcscmp (buf1, buf2) == 0; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
192 done: |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
193 xfree (wpath1); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
194 xfree (wpath2); |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
195 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
196 return ret; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
197 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
198 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
199 char * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
200 get_install_dir() |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
201 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
202 wchar_t wPath[MAX_PATH]; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
203 char *utf8path = NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
204 char *dirsep = NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
205 |
|
904
f89b41fa7048
Fix whitespace errors
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
206 if (!GetModuleFileNameW (NULL, wPath, MAX_PATH - 1)) |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
207 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
208 PRINTLASTERROR ("Failed to obtain module file name. Path too long?"); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
209 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
210 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
211 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
212 /* wPath might not be 0 terminated */ |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
213 wPath[MAX_PATH - 1] = '\0'; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
214 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
215 utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH)); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
216 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
217 if (utf8path == NULL) |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
218 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
219 ERRORPRINTF ("Failed to convert module path to utf-8"); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
220 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
221 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
222 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
223 /* Cut away the executable name */ |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
224 dirsep = strrchr(utf8path, '\\'); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
225 if (dirsep == NULL) |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
226 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
227 ERRORPRINTF ("Failed to find directory seperator."); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
228 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
229 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
230 *dirsep = '\0'; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
231 return utf8path; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
232 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
233 |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
234 static PSID |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
235 copy_sid(PSID from) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
236 { |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
237 if (!from) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
238 { |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
239 return 0; |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
240 } |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
241 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
242 DWORD sidLength = GetLengthSid(from); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
243 PSID to = (PSID) xmalloc(sidLength); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
244 CopySid(sidLength, to, from); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
245 return to; |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
246 } |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
247 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
248 PSID |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
249 get_process_owner(HANDLE hProcess) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
250 { |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
251 HANDLE hToken = NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
252 PSID sid; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
253 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
254 if (hProcess == NULL) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
255 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
256 ERRORPRINTF ("invalid call to get_process_owner"); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
257 return NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
258 } |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
259 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
260 OpenProcessToken(hProcess, TOKEN_READ, &hToken); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
261 if (hToken) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
262 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
263 DWORD size = 0; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
264 PTOKEN_USER userStruct; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
265 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
266 // check how much space is needed |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
267 GetTokenInformation(hToken, TokenUser, NULL, 0, &size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
268 if (ERROR_INSUFFICIENT_BUFFER == GetLastError()) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
269 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
270 userStruct = (PTOKEN_USER) xmalloc (size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
271 GetTokenInformation(hToken, TokenUser, userStruct, size, &size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
272 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
273 sid = copy_sid(userStruct->User.Sid); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
274 CloseHandle(hToken); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
275 xfree (userStruct); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
276 return sid; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
277 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
278 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
279 return NULL; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
280 } |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
281 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
282 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
283 is_system_install() |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
284 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
285 char *reg_inst_dir = NULL, |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
286 *real_prefix = NULL; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
287 bool ret = false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
288 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
289 reg_inst_dir = read_registry_string (HKEY_LOCAL_MACHINE, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
290 L"Software\\"APPNAME, L""); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
291 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
292 if (reg_inst_dir == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
293 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
294 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
295 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
296 DEBUGPRINTF ("Registered installation directory: %s\n", reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
297 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
298 real_prefix = get_install_dir(); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
299 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
300 if (!real_prefix) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
301 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
302 DEBUGPRINTF ("Failed to obtain installation prefix."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
303 xfree (reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
304 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
305 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
306 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
307 ret = paths_equal (real_prefix, reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
308 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
309 xfree (real_prefix); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
310 xfree (reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
311 DEBUGPRINTF ("Is system install? %s\n", ret ? "true" : "false"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
312 return ret; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
313 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
314 #else /* WIN32 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
315 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
316 char * |
|
1332
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
317 get_proc_install_dir(const char *proc) |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
318 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
319 char *retval = NULL, |
|
1332
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
320 *procpath = NULL, |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
321 *p = NULL, |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
322 buf[MAX_PATH_LINUX]; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
323 ssize_t ret; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
324 size_t path_len = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
325 |
|
1332
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
326 if (!proc) |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
327 { |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
328 return NULL; |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
329 } |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
330 |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
331 xasprintf(&procpath, "/proc/%s/exe", proc); |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
332 |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
333 ret = readlink (procpath, buf, MAX_PATH_LINUX); |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
334 xfree(procpath); |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
335 procpath = NULL; |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
336 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
337 if (ret <= 0) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
338 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
339 ERRORPRINTF ("readlink failed\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
340 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
341 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
342 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
343 buf[ret] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
344 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
345 /* cut off the filename */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
346 p = strrchr (buf, '/'); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
347 if (p == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
348 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
349 ERRORPRINTF ("No filename found.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
350 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
351 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
352 *(p + 1) = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
353 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
354 path_len = strlen (buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
355 retval = xmalloc (path_len + 1); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
356 strncpy (retval, buf, path_len); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
357 retval[path_len] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
358 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
359 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
360 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
361 |
|
1332
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
362 char * |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
363 get_install_dir() |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
364 { |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
365 return get_proc_install_dir("self"); |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
366 } |
|
8362e30f7b55
(issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1307
diff
changeset
|
367 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
368 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
369 is_system_install() |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
370 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
371 FILE *system_config; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
372 int read_lines = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
373 char linebuf[MAX_PATH_LINUX + 7], |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
374 * inst_dir = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
375 bool retval = false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
376 size_t inst_dir_len = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
377 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
378 system_config = fopen ("/etc/"APPNAME"/"APPNAME"-inst.cfg", "r"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
379 if (system_config == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
380 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
381 DEBUGPRINTF ("No system wide install configuration found.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
382 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
383 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
384 inst_dir = get_install_dir (); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
385 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
386 if (inst_dir == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
387 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
388 ERRORPRINTF ("Failed to find installation directory.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
389 fclose(system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
390 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
391 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
392 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
393 inst_dir_len = strnlen (inst_dir, MAX_PATH_LINUX); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
394 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
395 if (inst_dir_len == 0 || inst_dir_len >= MAX_PATH_LINUX) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
396 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
397 ERRORPRINTF ("Installation directory invalid.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
398 fclose(system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
399 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
400 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
401 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
402 /* Read the first 10 lines and look for PREFIX. if it is not found |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
403 we return false. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
404 while (read_lines < 10 && fgets (linebuf, MAX_PATH_LINUX + 7, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
405 system_config) != NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
406 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
407 if (str_starts_with (linebuf, "PREFIX=")) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
408 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
409 /* The last character is always a linebreak in a valid system_config |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
410 file so we can strip it. If this is not true the file is invalid. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
411 linebuf is > 7 atm otherwise prefix= would not have been matched. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
412 linebuf[strlen(linebuf) - 1] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
413 retval = str_starts_with (inst_dir, linebuf + 7); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
414 break; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
415 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
416 read_lines++; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
417 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
418 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
419 fclose (system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
420 xfree (inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
421 DEBUGPRINTF ("Is system install? %s\n", retval ? "true" : "false"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
422 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
423 } |
|
671
d4766b4922c9
Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
424 #endif |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
425 |
|
1031
1f23803e1f83
Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
426 #ifdef WIN32 |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
427 bool |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
428 has_high_integrity(HANDLE hToken) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
429 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
430 PTOKEN_MANDATORY_LABEL integrity_label = NULL; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
431 DWORD integrity_level = 0, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
432 size = 0; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
433 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
434 if (hToken == NULL || hToken == INVALID_HANDLE_VALUE) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
435 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
436 DEBUGPRINTF ("Invalid parameters."); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
437 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
438 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
439 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
440 /* Get the required size */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
441 if (!GetTokenInformation(hToken, TokenIntegrityLevel, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
442 NULL, 0, &size) == ERROR_INSUFFICIENT_BUFFER) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
443 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
444 PRINTLASTERROR ("Failed to get required size.\n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
445 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
446 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
447 integrity_label = (PTOKEN_MANDATORY_LABEL) LocalAlloc(0, size); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
448 if (integrity_label == NULL) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
449 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
450 ERRORPRINTF ("Failed to allocate label. \n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
451 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
452 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
453 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
454 if (!GetTokenInformation(hToken, TokenIntegrityLevel, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
455 integrity_label, size, &size)) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
456 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
457 PRINTLASTERROR ("Failed to get integrity level.\n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
458 LocalFree(integrity_label); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
459 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
460 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
461 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
462 /* Get the last integrity level */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
463 integrity_level = *GetSidSubAuthority(integrity_label->Label.Sid, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
464 (DWORD)(UCHAR)(*GetSidSubAuthorityCount( |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
465 integrity_label->Label.Sid) - 1)); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
466 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
467 LocalFree (integrity_label); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
468 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
469 return integrity_level >= SECURITY_MANDATORY_HIGH_RID; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
470 } |
|
1031
1f23803e1f83
Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
471 #endif |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
472 |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
473 static bool g_is_elevated = false; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
474 static bool g_elevated_initalized = false; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
475 |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
476 bool |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
477 is_elevated() |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
478 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
479 bool ret = false; |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
480 if (g_elevated_initalized) |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
481 { |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
482 return g_is_elevated; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
483 } |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
484 #ifndef _WIN32 |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
485 ret = (geteuid() == 0); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
486 #else |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
487 HANDLE hToken = NULL; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
488 if (OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hToken)) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
489 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
490 DWORD elevation; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
491 DWORD cbSize = sizeof (DWORD); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
492 if (GetTokenInformation (hToken, TokenElevation, &elevation, |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
493 sizeof (TokenElevation), &cbSize)) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
494 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
495 ret = elevation; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
496 } |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
497 } |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
498 /* Elevation will be true and ElevationType TokenElevationTypeFull even |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
499 if the token is a user token created by SAFER so we additionally |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
500 check the integrity level of the token which will only be high in |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
501 the real elevated process and medium otherwise. */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
502 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
503 ret = ret && has_high_integrity (hToken); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
504 |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
505 if (hToken) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
506 CloseHandle (hToken); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
507 #endif |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
508 g_is_elevated = ret; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
509 g_elevated_initalized = true; |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
510 return ret; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
511 } |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
512 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
513 #ifdef _WIN32 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
514 char * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
515 get_program_files_folder () |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
516 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
517 wchar_t *folder_name = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
518 char *retval = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
519 if (SHGetKnownFolderPath (&FOLDERID_ProgramFiles, /* Get program data dir */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
520 KF_FLAG_NO_ALIAS, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
521 INVALID_HANDLE_VALUE, /* Get it for the default user */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
522 &folder_name) != S_OK) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
523 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
524 PRINTLASTERROR ("Failed to get program files folder."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
525 return NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
526 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
527 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
528 retval = wchar_to_utf8 (folder_name, wcslen(folder_name)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
529 CoTaskMemFree (folder_name); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
530 return retval; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
531 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
532 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
533 /* This is a bit ridicoulous but necessary as shlobj.h contains an inline |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
534 definition. So only one C file may include it and thus we have to put |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
535 all our shlobj calls into one file... */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
536 wchar_t * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
537 get_program_data_folder () |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
538 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
539 wchar_t *folder_name = NULL; |
|
1306
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
540 if (is_elevated()) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
541 { |
|
1306
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
542 if (SHGetKnownFolderPath (&FOLDERID_ProgramData, /* Get program data dir */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
543 KF_FLAG_CREATE | /* Create if it does not exist */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
544 KF_FLAG_INIT, /* Initialize it if created */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
545 INVALID_HANDLE_VALUE, /* Get it for the default user */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
546 &folder_name) != S_OK) |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
547 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
548 PRINTLASTERROR ("Failed to get folder path"); |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
549 return NULL; |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
550 } |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
551 } |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
552 else |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
553 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
554 if (SHGetKnownFolderPath (&FOLDERID_LocalAppData, /* Get program data dir */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
555 KF_FLAG_CREATE | /* Create if it does not exist */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
556 KF_FLAG_INIT, /* Initialize it if created */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
557 NULL, /* Get it for the default user */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
558 &folder_name) != S_OK) |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
559 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
560 PRINTLASTERROR ("Failed to get folder path"); |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
561 return NULL; |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
562 } |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
563 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
564 return folder_name; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
565 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
566 #endif |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
567 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
568 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
569 is_admin() |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
570 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
571 #ifndef _WIN32 |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
572 struct passwd *current_user = getpwuid (geteuid()); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
573 int ngroups = 0, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
574 ret = 0, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
575 i = 0; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
576 gid_t * groups = NULL; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
577 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
578 if (current_user == NULL) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
579 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
580 ERRORPRINTF ("Failed to obtain user information."); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
581 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
582 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
583 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
584 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, NULL, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
585 &ngroups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
586 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
587 if (ret != -1 || ngroups <= 0) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
588 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
589 ERRORPRINTF ("Unknown error in getgrouplist call"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
590 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
591 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
592 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
593 groups = xmalloc (((unsigned int)ngroups) * sizeof (gid_t)); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
594 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
595 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, groups, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
596 &ngroups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
597 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
598 if (ret != ngroups) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
599 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
600 ERRORPRINTF ("Group length mismatch."); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
601 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
602 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
603 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
604 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
605 for (i = 0; i < ngroups; i++) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
606 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
607 struct group *gr = getgrgid (groups[i]); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
608 if (gr == NULL) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
609 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
610 ERRORPRINTF ("Error in group enumeration"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
611 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
612 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
613 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
614 if (strcmp("sudo", gr->gr_name) == 0) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
615 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
616 DEBUGPRINTF ("User is in sudo group \n"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
617 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
618 return true; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
619 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
620 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
621 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
622 DEBUGPRINTF ("User is not in sudo group"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
623 |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
624 return false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
625 #else |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
626 bool retval = false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
627 BOOL in_admin_group = FALSE; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
628 HANDLE hToken = NULL; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
629 HANDLE hTokenToCheck = NULL; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
630 DWORD cbSize = 0; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
631 TOKEN_ELEVATION_TYPE elevation; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
632 BYTE admin_id[SECURITY_MAX_SID_SIZE]; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
633 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
634 if (!OpenProcessToken(GetCurrentProcess(), |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
635 TOKEN_QUERY | TOKEN_DUPLICATE, &hToken)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
636 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
637 PRINTLASTERROR ("Failed to duplicate process token.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
638 return false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
639 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
640 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
641 if (!GetTokenInformation(hToken, TokenElevationType, &elevation, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
642 sizeof(elevation), &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
643 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
644 PRINTLASTERROR ("Failed to get token information.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
645 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
646 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
647 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
648 /* If limited check the the linked token instead */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
649 if (TokenElevationTypeLimited == elevation) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
650 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
651 if (!GetTokenInformation(hToken, TokenLinkedToken, &hTokenToCheck, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
652 sizeof(hTokenToCheck), &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
653 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
654 PRINTLASTERROR ("Failed to get the linked token.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
655 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
656 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
657 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
658 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
659 if (!hTokenToCheck) /* The linked token is already of the correct type */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
660 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
661 if (!DuplicateToken(hToken, SecurityIdentification, &hTokenToCheck)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
662 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
663 PRINTLASTERROR ("Failed to duplicate token for identification.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
664 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
665 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
666 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
667 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
668 /* Do the sid dance for the adminSID */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
669 cbSize = sizeof(admin_id); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
670 if (!CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, &admin_id, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
671 &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
672 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
673 PRINTLASTERROR ("Failed to get admin sid.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
674 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
675 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
676 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
677 /* The actual check */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
678 if (!CheckTokenMembership(hTokenToCheck, &admin_id, &in_admin_group)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
679 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
680 PRINTLASTERROR ("Failed to check token membership.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
681 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
682 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
683 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
684 if (in_admin_group) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
685 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
686 /* Winbool to standard bool */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
687 retval = true; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
688 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
689 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
690 done: |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
691 if (hToken) CloseHandle(hToken); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
692 if (hTokenToCheck) CloseHandle(hTokenToCheck); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
693 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
694 return retval; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
695 #endif |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
696 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
697 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
698 #ifdef WIN32 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
699 bool |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
700 create_restricted_directory (LPWSTR path, bool objects_should_inherit, PACL *rACL) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
701 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
702 bool retval = false; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
703 PSID everyone_SID = NULL, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
704 admin_SID = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
705 PACL access_control_list = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
706 PSECURITY_DESCRIPTOR descriptor = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
707 EXPLICIT_ACCESS explicit_access[2]; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
708 SID_IDENTIFIER_AUTHORITY world_identifier = {SECURITY_WORLD_SID_AUTHORITY}, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
709 admin_identifier = {SECURITY_NT_AUTHORITY}; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
710 SECURITY_ATTRIBUTES security_attributes; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
711 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
712 ZeroMemory(&security_attributes, sizeof(security_attributes)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
713 ZeroMemory(&explicit_access, 2 * sizeof(EXPLICIT_ACCESS)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
714 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
715 /* Create a well-known SID for the Everyone group. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
716 if(!AllocateAndInitializeSid(&world_identifier, /* top-level identifier */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
717 1, /* subauthorties count */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
718 SECURITY_WORLD_RID, /* Only one authority */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
719 0, 0, 0, 0, 0, 0, 0, /* No other authorities*/ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
720 &everyone_SID)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
721 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
722 PRINTLASTERROR ("Failed to allocate world sid.\n"); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
723 return false; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
724 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
725 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
726 /* Initialize the first EXPLICIT_ACCESS structure for an ACE. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
727 to allow everyone read access */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
728 explicit_access[0].grfAccessPermissions = GENERIC_READ; /* Give read access */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
729 explicit_access[0].grfAccessMode = SET_ACCESS; /* Overwrite other access for all users */ |
|
1070
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
730 explicit_access[0].grfInheritance = objects_should_inherit ? |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
731 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */ |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
732 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */ |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
733 explicit_access[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
734 explicit_access[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
735 explicit_access[0].Trustee.ptstrName = (LPTSTR) everyone_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
736 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
737 /* Create the SID for the BUILTIN\Administrators group. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
738 if(!AllocateAndInitializeSid(&admin_identifier, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
739 2, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
740 SECURITY_BUILTIN_DOMAIN_RID, /*BUILTIN\ */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
741 DOMAIN_ALIAS_RID_ADMINS, /*\Administrators */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
742 0, 0, 0, 0, 0, 0, /* No other */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
743 &admin_SID)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
744 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
745 PRINTLASTERROR ("Failed to allocate admin sid."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
746 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
747 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
748 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
749 /* explicit_access[1] grants admins full rights for this object and inherits |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
750 it to the children */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
751 explicit_access[1].grfAccessPermissions = GENERIC_ALL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
752 explicit_access[1].grfAccessMode = SET_ACCESS; |
|
1070
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
753 explicit_access[1].grfInheritance = objects_should_inherit ? |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
754 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */ |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
755 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */ |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
756 explicit_access[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
757 explicit_access[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
758 explicit_access[1].Trustee.ptstrName = (LPTSTR) admin_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
759 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
760 /* Set up the ACL structure. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
761 if (ERROR_SUCCESS != SetEntriesInAcl(2, explicit_access, NULL, &access_control_list)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
762 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
763 PRINTLASTERROR ("Failed to set up Acl."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
764 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
765 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
766 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
767 /* Initialize a security descriptor */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
768 descriptor = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
769 SECURITY_DESCRIPTOR_MIN_LENGTH); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
770 if (descriptor == NULL) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
771 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
772 PRINTLASTERROR("Failed to allocate descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
773 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
774 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
775 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
776 if (!InitializeSecurityDescriptor(descriptor, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
777 SECURITY_DESCRIPTOR_REVISION)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
778 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
779 PRINTLASTERROR("Failed to initialize descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
780 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
781 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
782 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
783 /* Now we add the ACL to the the descriptor */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
784 if (!SetSecurityDescriptorDacl(descriptor, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
785 TRUE, /* bDaclPresent flag */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
786 access_control_list, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
787 FALSE)) /* not a default DACL */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
788 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
789 PRINTLASTERROR("Failed to set security descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
790 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
791 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
792 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
793 /* Finally set up the security attributes structure */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
794 security_attributes.nLength = sizeof (SECURITY_ATTRIBUTES); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
795 security_attributes.lpSecurityDescriptor = descriptor; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
796 security_attributes.bInheritHandle = FALSE; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
797 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
798 /* Use the security attributes to create the directory */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
799 if (!CreateDirectoryW(path, &security_attributes)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
800 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
801 DWORD err = GetLastError(); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
802 if (err == ERROR_ALREADY_EXISTS) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
803 { |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
804 if (!objects_should_inherit) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
805 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
806 /* This means it is a parent directory of something and |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
807 we should not touch the DACL. */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
808 retval = true; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
809 goto done; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
810 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
811 |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
812 /* Set our ACL on the directory */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
813 err = SetNamedSecurityInfoW (path, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
814 SE_FILE_OBJECT, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
815 DACL_SECURITY_INFORMATION | |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
816 OWNER_SECURITY_INFORMATION | |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
817 GROUP_SECURITY_INFORMATION, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
818 admin_SID, /* owner */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
819 admin_SID, /* group */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
820 access_control_list, /* the dacl */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
821 NULL); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
822 if (err != ERROR_SUCCESS) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
823 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
824 ERRORPRINTF ("Failed to set security info on folder. Err: %lu", err); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
825 goto done; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
826 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
827 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
828 else |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
829 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
830 ERRORPRINTF ("Failed to create directory. Err: %lu", err); |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
831 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
832 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
833 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
834 retval = true; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
835 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
836 done: |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
837 |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
838 if (retval != true) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
839 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
840 ERRORPRINTF ("Failed to create directory for NSS installer instructions."); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
841 syslog_error_printf ("Failed to create directory for NSS installer instructions."); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
842 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
843 else if (rACL) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
844 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
845 *rACL = access_control_list; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
846 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
847 |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
848 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
849 if (everyone_SID) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
850 FreeSid(everyone_SID); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
851 if (admin_SID) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
852 FreeSid(admin_SID); |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
853 if (!rACL && access_control_list) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
854 LocalFree(access_control_list); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
855 if (descriptor) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
856 LocalFree(descriptor); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
857 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
858 return retval; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
859 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
860 #endif |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
861 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
862 #ifdef WIN32 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
863 /** @brief get a restricted access token |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
864 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
865 * This function uses the Software Restriction API to obtain the |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
866 * access token for a process run als normal user. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
867 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
868 * @returns A restricted handle or NULL on error. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
869 */ |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
870 HANDLE |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
871 get_restricted_token() |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
872 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
873 SAFER_LEVEL_HANDLE user_level = NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
874 HANDLE retval = NULL; |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
875 SID_IDENTIFIER_AUTHORITY medium_identifier = {SECURITY_MANDATORY_LABEL_AUTHORITY}; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
876 PSID medium_sid = NULL; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
877 TOKEN_MANDATORY_LABEL integrity_label; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
878 |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
879 memset (&integrity_label, 0, sizeof (integrity_label)); |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
880 |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
881 if (!SaferCreateLevel(SAFER_SCOPEID_USER, |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
882 SAFER_LEVELID_NORMALUSER, |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
883 SAFER_LEVEL_OPEN, &user_level, NULL)) |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
884 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
885 PRINTLASTERROR ("Failed to create user level.\n"); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
886 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
887 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
888 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
889 if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
890 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
891 SaferCloseLevel(user_level); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
892 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
893 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
894 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
895 SaferCloseLevel(user_level); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
896 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
897 /* Set the SID to medium it will still be high otherwise. Even if |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
898 there is no high access allowed. */ |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
899 if (!AllocateAndInitializeSid(&medium_identifier, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
900 1, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
901 SECURITY_MANDATORY_MEDIUM_RID, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
902 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
903 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
904 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
905 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
906 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
907 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
908 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
909 &medium_sid)) |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
910 { |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
911 PRINTLASTERROR ("Failed to initialize sid.\n"); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
912 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
913 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
914 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
915 integrity_label.Label.Attributes = SE_GROUP_INTEGRITY; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
916 integrity_label.Label.Sid = medium_sid; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
917 |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
918 if (!SetTokenInformation(retval, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
919 TokenIntegrityLevel, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
920 &integrity_label, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
921 sizeof(TOKEN_MANDATORY_LABEL))) |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
922 { |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
923 PRINTLASTERROR ("Failed to set token integrity.\n"); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
924 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
925 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
926 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
927 return retval; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
928 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
929 #endif |