annotate common/util.c @ 1390:f3e2df6b49ba

(issue181) Fix hardcoded values for RSA codesigning key size.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 19 Jan 2015 15:42:20 +0100
parents fdef94da2d70
children 05c62ad0c74f
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 338
diff changeset
7 */
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #include "util.h"
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
9 #include "logging.h"
644
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
10 #include "strhelp.h"
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
11
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
12 #ifndef _WIN32
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
13 #include <unistd.h>
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
14 #include <sys/types.h>
644
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
15 #include <pwd.h>
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
16 #include <grp.h>
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
17 #include <string.h>
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
18 #else
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
19 #include <winsafer.h>
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
20 #include <windows.h>
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
21 #include <accctrl.h>
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
22 #include <aclapi.h>
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
23 #include <shlobj.h>
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
24 #endif
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
25
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
26 #ifndef APPNAME
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
27 #define APPNAME "TrustBridge"
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
28 #endif
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
29
1348
b90df38bb6dc Include organization to determine if it is root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1332
diff changeset
30 #ifndef ORGANIZATION
b90df38bb6dc Include organization to determine if it is root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1332
diff changeset
31 #define ORGANIZATION "BSI"
b90df38bb6dc Include organization to determine if it is root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1332
diff changeset
32 #endif
b90df38bb6dc Include organization to determine if it is root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1332
diff changeset
33
671
d4766b4922c9 Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
34 #ifdef WIN32
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
35 char*
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
36 read_registry_string (const HKEY root, const wchar_t *key,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
37 const wchar_t *name)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
38 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
39 HKEY key_handle = NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
40 DWORD size = 0,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
41 type = 0,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
42 ex_size = 0,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
43 dwRet = 0;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
44 LONG ret = 0;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
45 char *retval = NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
46 wchar_t *buf = NULL,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
47 *ex_buf = NULL;
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
48 if (root == NULL || key == NULL || name == NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
49 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
50 ERRORPRINTF ("Invalid call to read_registry_string");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
51 return NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
52 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
53
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
54 ret = RegOpenKeyExW (root, key, 0, KEY_READ, &key_handle);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
55 if (ret != ERROR_SUCCESS)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
56 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
57 ERRORPRINTF ("Failed to open key.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
58 return NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
59 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
60
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
61 /* Get the size */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
62 ret = RegQueryValueExW (key_handle, name, 0, NULL, NULL, &size);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
63 if (ret != ERROR_MORE_DATA && !(ret == ERROR_SUCCESS && size != 0))
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
64 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
65 ERRORPRINTF ("Failed to get required registry size.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
66 return retval;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
67 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
68
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
69 /* Size is size in bytes not in characters */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
70 buf = xmalloc (size + sizeof(wchar_t));
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
71
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
72 /* If the stored value is not zero terminated the returned value also
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
73 is not zero terminated. That's why we reserve more and ensure it's
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
74 initialized. */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
75 memset (buf, 0, size + sizeof(wchar_t));
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
76
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
77 ret = RegQueryValueExW (key_handle, name, 0, &type, (LPBYTE) buf, &size);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
78 if (ret != ERROR_SUCCESS)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
79 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
80 ERRORPRINTF ("Failed get registry value.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
81 return retval;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
82 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
83
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
84 if (type == REG_SZ || (type == REG_EXPAND_SZ && wcschr (buf, '%') == NULL))
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
85 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
86 /* Nothing to expand, we are done */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
87 retval = wchar_to_utf8 (buf, wcslen (buf));
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
88 goto done;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
89 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
90
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
91 if (type != REG_EXPAND_SZ)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
92 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
93 ERRORPRINTF ("Unhandled registry type %i", type);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
94 goto done;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
95 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
96
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
97 /* Expand the registry string */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
98 ex_size = ExpandEnvironmentStringsW (buf, NULL, 0);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
99
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
100 if (ex_size == 0)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
101 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
102 PRINTLASTERROR ("Failed to determine expanded environment size.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
103 goto done;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
104 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
105
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
106 ex_buf = xmalloc ((ex_size + 1) * sizeof(wchar_t));
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
107
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
108 dwRet = ExpandEnvironmentStringsW (buf, ex_buf, ex_size);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
109
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
110 ex_buf[ex_size] = '\0'; /* Make sure it's a string */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
111
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
112 if (dwRet == 0 || dwRet != ex_size)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
113 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
114 PRINTLASTERROR ("Failed to expand environment variables.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
115 goto done;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
116 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
117
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
118 retval = wchar_to_utf8 (ex_buf, ex_size);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
119
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
120 done:
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
121 xfree (ex_buf);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
122 xfree (buf);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
123
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
124 RegCloseKey (key_handle);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
125 return retval;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
126 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
127
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
128
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
129 /** @brief Compare two paths for equality based on the filename.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
130 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
131 * Expand the paths by using GetFullPathName and do a string
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
132 * comparison on the result to check for equality.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
133 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
134 * To be sure if it is really the same file it would be better
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
135 * to open the files and compare the serial number but this
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
136 * suffices for checks that only impact on the options presented
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
137 * to the user (try a system wide installation or not)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
138 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
139 * If one file does not exist the function returns false. If
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
140 * The path is longer then MAX_PATH this function also returns
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
141 * false.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
142 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
143 * @param [in] path1 first path to compare
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
144 * @paran [in] path2 first path to compare
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
145 * @returns true if the paths are the same.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
146 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
147 bool
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
148 paths_equal (const char *path1, const char *path2)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
149 {
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
150 bool ret = false;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
151 wchar_t buf1[MAX_PATH],
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
152 buf2[MAX_PATH];
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
153 wchar_t *wpath1 = NULL,
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
154 *wpath2 = NULL;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
155 DWORD retval = 0;
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
156
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
157 if (!path1 || !path2)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
158 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
159 return false;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
160 }
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
161
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
162 wpath1 = utf8_to_wchar(path1, strnlen(path1, MAX_PATH));
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
163 wpath2 = utf8_to_wchar(path2, strnlen(path2, MAX_PATH));
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
164
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
165 if (wpath1 == NULL || wpath2 == NULL)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
166 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
167 ERRORPRINTF ("Failed to convert paths to wchar.");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
168 goto done;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
169 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
170
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
171 retval = GetFullPathNameW (wpath1, MAX_PATH, buf1, NULL);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
172 if (retval >= MAX_PATH || retval != wcsnlen (buf1, MAX_PATH))
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
173 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
174 ERRORPRINTF ("Path1 too long.");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
175 goto done;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
176 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
177 if (retval == 0)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
178 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
179 PRINTLASTERROR ("Failed to get Full Path name.");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
180 goto done;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
181 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
182
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
183 retval = GetFullPathNameW (wpath2, MAX_PATH, buf2, NULL);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
184 if (retval >= MAX_PATH || retval != wcsnlen (buf2, MAX_PATH))
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
185 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
186 ERRORPRINTF ("Path2 too long.");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
187 goto done;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
188 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
189 if (retval == 0)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
190 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
191 PRINTLASTERROR ("Failed to get Full Path name.");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
192 goto done;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
193 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
194
1376
fdef94da2d70 (issue176) Compare installation and registry path case insensitive.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1348
diff changeset
195 ret = _wcsicmp (buf1, buf2) == 0;
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
196 done:
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
197 xfree (wpath1);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
198 xfree (wpath2);
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
199
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
200 return ret;
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
201 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
202
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
203 char *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
204 get_install_dir()
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
205 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
206 wchar_t wPath[MAX_PATH];
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
207 char *utf8path = NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
208 char *dirsep = NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
209
904
f89b41fa7048 Fix whitespace errors
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
210 if (!GetModuleFileNameW (NULL, wPath, MAX_PATH - 1))
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
211 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
212 PRINTLASTERROR ("Failed to obtain module file name. Path too long?");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
213 return NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
214 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
215
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
216 /* wPath might not be 0 terminated */
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
217 wPath[MAX_PATH - 1] = '\0';
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
218
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
219 utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH));
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
220
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
221 if (utf8path == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
222 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
223 ERRORPRINTF ("Failed to convert module path to utf-8");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
224 return NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
225 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
226
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
227 /* Cut away the executable name */
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
228 dirsep = strrchr(utf8path, '\\');
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
229 if (dirsep == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
230 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
231 ERRORPRINTF ("Failed to find directory seperator.");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
232 return NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
233 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
234 *dirsep = '\0';
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
235 return utf8path;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
236 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
237
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
238 static PSID
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
239 copy_sid(PSID from)
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
240 {
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
241 if (!from)
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
242 {
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
243 return 0;
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
244 }
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
245
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
246 DWORD sidLength = GetLengthSid(from);
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
247 PSID to = (PSID) xmalloc(sidLength);
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
248 CopySid(sidLength, to, from);
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
249 return to;
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
250 }
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
251
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
252 PSID
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
253 get_process_owner(HANDLE hProcess)
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
254 {
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
255 HANDLE hToken = NULL;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
256 PSID sid;
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
257
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
258 if (hProcess == NULL)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
259 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
260 ERRORPRINTF ("invalid call to get_process_owner");
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
261 return NULL;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
262 }
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
263
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
264 OpenProcessToken(hProcess, TOKEN_READ, &hToken);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
265 if (hToken)
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
266 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
267 DWORD size = 0;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
268 PTOKEN_USER userStruct;
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
269
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
270 // check how much space is needed
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
271 GetTokenInformation(hToken, TokenUser, NULL, 0, &size);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
272 if (ERROR_INSUFFICIENT_BUFFER == GetLastError())
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
273 {
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
274 userStruct = (PTOKEN_USER) xmalloc (size);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
275 GetTokenInformation(hToken, TokenUser, userStruct, size, &size);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
276
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
277 sid = copy_sid(userStruct->User.Sid);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
278 CloseHandle(hToken);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
279 xfree (userStruct);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
280 return sid;
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
281 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
282 }
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
283 return NULL;
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
284 }
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
285
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
286 bool
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
287 is_system_install()
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
288 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
289 char *reg_inst_dir = NULL,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 904
diff changeset
290 *real_prefix = NULL;
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
291 bool ret = false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
292
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
293 reg_inst_dir = read_registry_string (HKEY_LOCAL_MACHINE,
1348
b90df38bb6dc Include organization to determine if it is root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1332
diff changeset
294 L"Software\\"ORGANIZATION"\\"APPNAME, L"");
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
295
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
296 if (reg_inst_dir == NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
297 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
298 return false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
299 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
300 DEBUGPRINTF ("Registered installation directory: %s\n", reg_inst_dir);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
301
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
302 real_prefix = get_install_dir();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
303
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
304 if (!real_prefix)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
305 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
306 DEBUGPRINTF ("Failed to obtain installation prefix.");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
307 xfree (reg_inst_dir);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
308 return false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
309 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
310
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
311 ret = paths_equal (real_prefix, reg_inst_dir);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
312
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
313 xfree (real_prefix);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
314 xfree (reg_inst_dir);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
315 DEBUGPRINTF ("Is system install? %s\n", ret ? "true" : "false");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
316 return ret;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
317 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
318 #else /* WIN32 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
319
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
320 char *
1332
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
321 get_proc_install_dir(const char *proc)
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
322 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
323 char *retval = NULL,
1332
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
324 *procpath = NULL,
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
325 *p = NULL,
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
326 buf[MAX_PATH_LINUX];
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
327 ssize_t ret;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
328 size_t path_len = 0;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
329
1332
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
330 if (!proc)
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
331 {
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
332 return NULL;
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
333 }
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
334
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
335 xasprintf(&procpath, "/proc/%s/exe", proc);
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
336
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
337 ret = readlink (procpath, buf, MAX_PATH_LINUX);
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
338 xfree(procpath);
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
339 procpath = NULL;
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
340
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
341 if (ret <= 0)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
342 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
343 ERRORPRINTF ("readlink failed\n");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
344 return NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
345 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
346
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
347 buf[ret] = '\0';
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
348
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
349 /* cut off the filename */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
350 p = strrchr (buf, '/');
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
351 if (p == NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
352 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
353 ERRORPRINTF ("No filename found.\n");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
354 return NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
355 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
356 *(p + 1) = '\0';
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
357
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
358 path_len = strlen (buf);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
359 retval = xmalloc (path_len + 1);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
360 strncpy (retval, buf, path_len);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
361 retval[path_len] = '\0';
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
362
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
363 return retval;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
364 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
365
1332
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
366 char *
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
367 get_install_dir()
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
368 {
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
369 return get_proc_install_dir("self");
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
370 }
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1307
diff changeset
371
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
372 bool
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
373 is_system_install()
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
374 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
375 FILE *system_config;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
376 int read_lines = 0;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
377 char linebuf[MAX_PATH_LINUX + 7],
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
378 * inst_dir = NULL;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
379 bool retval = false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
380 size_t inst_dir_len = 0;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
381
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
382 system_config = fopen ("/etc/"APPNAME"/"APPNAME"-inst.cfg", "r");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
383 if (system_config == NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
384 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
385 DEBUGPRINTF ("No system wide install configuration found.\n");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
386 return false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
387 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
388 inst_dir = get_install_dir ();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
389
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
390 if (inst_dir == NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
391 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
392 ERRORPRINTF ("Failed to find installation directory.\n");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
393 fclose(system_config);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
394 return false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
395 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
396
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
397 inst_dir_len = strnlen (inst_dir, MAX_PATH_LINUX);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
398
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
399 if (inst_dir_len == 0 || inst_dir_len >= MAX_PATH_LINUX)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
400 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
401 ERRORPRINTF ("Installation directory invalid.\n");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
402 fclose(system_config);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
403 return false;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
404 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
405
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
406 /* Read the first 10 lines and look for PREFIX. if it is not found
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
407 we return false. */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
408 while (read_lines < 10 && fgets (linebuf, MAX_PATH_LINUX + 7,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
409 system_config) != NULL)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
410 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
411 if (str_starts_with (linebuf, "PREFIX="))
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
412 {
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
413 /* The last character is always a linebreak in a valid system_config
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
414 file so we can strip it. If this is not true the file is invalid.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
415 linebuf is > 7 atm otherwise prefix= would not have been matched. */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
416 linebuf[strlen(linebuf) - 1] = '\0';
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
417 retval = str_starts_with (inst_dir, linebuf + 7);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
418 break;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
419 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
420 read_lines++;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
421 }
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
422
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
423 fclose (system_config);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
424 xfree (inst_dir);
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
425 DEBUGPRINTF ("Is system install? %s\n", retval ? "true" : "false");
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
426 return retval;
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
427 }
671
d4766b4922c9 Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
428 #endif
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 644
diff changeset
429
1031
1f23803e1f83 Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
430 #ifdef WIN32
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
431 bool
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
432 has_high_integrity(HANDLE hToken)
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
433 {
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
434 PTOKEN_MANDATORY_LABEL integrity_label = NULL;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
435 DWORD integrity_level = 0,
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
436 size = 0;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
437
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
438 if (hToken == NULL || hToken == INVALID_HANDLE_VALUE)
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
439 {
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
440 DEBUGPRINTF ("Invalid parameters.");
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
441 return false;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
442 }
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
443
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
444 /* Get the required size */
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
445 if (!GetTokenInformation(hToken, TokenIntegrityLevel,
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
446 NULL, 0, &size) == ERROR_INSUFFICIENT_BUFFER)
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
447 {
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
448 PRINTLASTERROR ("Failed to get required size.\n");
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
449 return false;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
450 }
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
451 integrity_label = (PTOKEN_MANDATORY_LABEL) LocalAlloc(0, size);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
452 if (integrity_label == NULL)
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
453 {
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
454 ERRORPRINTF ("Failed to allocate label. \n");
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
455 return false;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
456 }
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
457
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
458 if (!GetTokenInformation(hToken, TokenIntegrityLevel,
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
459 integrity_label, size, &size))
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
460 {
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
461 PRINTLASTERROR ("Failed to get integrity level.\n");
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
462 LocalFree(integrity_label);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
463 return false;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
464 }
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
465
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
466 /* Get the last integrity level */
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
467 integrity_level = *GetSidSubAuthority(integrity_label->Label.Sid,
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
468 (DWORD)(UCHAR)(*GetSidSubAuthorityCount(
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
469 integrity_label->Label.Sid) - 1));
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
470
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
471 LocalFree (integrity_label);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
472
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
473 return integrity_level >= SECURITY_MANDATORY_HIGH_RID;
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
474 }
1031
1f23803e1f83 Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
475 #endif
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
476
1307
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
477 static bool g_is_elevated = false;
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
478 static bool g_elevated_initalized = false;
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
479
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
480 bool
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
481 is_elevated()
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
482 {
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
483 bool ret = false;
1307
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
484 if (g_elevated_initalized)
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
485 {
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
486 return g_is_elevated;
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
487 }
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
488 #ifndef _WIN32
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
489 ret = (geteuid() == 0);
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
490 #else
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
491 HANDLE hToken = NULL;
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
492 if (OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hToken))
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
493 {
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
494 DWORD elevation;
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
495 DWORD cbSize = sizeof (DWORD);
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
496 if (GetTokenInformation (hToken, TokenElevation, &elevation,
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
497 sizeof (TokenElevation), &cbSize))
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
498 {
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
499 ret = elevation;
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
500 }
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
501 }
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
502 /* Elevation will be true and ElevationType TokenElevationTypeFull even
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
503 if the token is a user token created by SAFER so we additionally
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
504 check the integrity level of the token which will only be high in
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
505 the real elevated process and medium otherwise. */
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
506
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
507 ret = ret && has_high_integrity (hToken);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
508
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
509 if (hToken)
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
510 CloseHandle (hToken);
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
511 #endif
1307
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
512 g_is_elevated = ret;
2bacaec6e101 (perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1306
diff changeset
513 g_elevated_initalized = true;
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
514 return ret;
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
515 }
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
516
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
517 #ifdef _WIN32
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
518 char *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
519 get_program_files_folder ()
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
520 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
521 wchar_t *folder_name = NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
522 char *retval = NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
523 if (SHGetKnownFolderPath (&FOLDERID_ProgramFiles, /* Get program data dir */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
524 KF_FLAG_NO_ALIAS,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
525 INVALID_HANDLE_VALUE, /* Get it for the default user */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
526 &folder_name) != S_OK)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
527 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
528 PRINTLASTERROR ("Failed to get program files folder.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
529 return NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
530 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
531
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
532 retval = wchar_to_utf8 (folder_name, wcslen(folder_name));
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
533 CoTaskMemFree (folder_name);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
534 return retval;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
535 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
536
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
537 /* This is a bit ridicoulous but necessary as shlobj.h contains an inline
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
538 definition. So only one C file may include it and thus we have to put
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
539 all our shlobj calls into one file... */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
540 wchar_t *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
541 get_program_data_folder ()
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
542 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
543 wchar_t *folder_name = NULL;
1306
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
544 if (is_elevated())
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
545 {
1306
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
546 if (SHGetKnownFolderPath (&FOLDERID_ProgramData, /* Get program data dir */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
547 KF_FLAG_CREATE | /* Create if it does not exist */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
548 KF_FLAG_INIT, /* Initialize it if created */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
549 INVALID_HANDLE_VALUE, /* Get it for the default user */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
550 &folder_name) != S_OK)
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
551 {
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
552 PRINTLASTERROR ("Failed to get folder path");
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
553 return NULL;
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
554 }
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
555 }
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
556 else
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
557 {
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
558 if (SHGetKnownFolderPath (&FOLDERID_LocalAppData, /* Get program data dir */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
559 KF_FLAG_CREATE | /* Create if it does not exist */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
560 KF_FLAG_INIT, /* Initialize it if created */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
561 NULL, /* Get it for the default user */
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
562 &folder_name) != S_OK)
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
563 {
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
564 PRINTLASTERROR ("Failed to get folder path");
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
565 return NULL;
845048d4a69f (issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
566 }
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
567 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
568 return folder_name;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
569 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
570 #endif
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
571
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
572 bool
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
573 is_admin()
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
574 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
575 #ifndef _WIN32
644
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
576 struct passwd *current_user = getpwuid (geteuid());
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
577 int ngroups = 0,
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
578 ret = 0,
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
579 i = 0;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
580 gid_t * groups = NULL;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
581
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
582 if (current_user == NULL)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
583 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
584 ERRORPRINTF ("Failed to obtain user information.");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
585 return false;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
586 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
587
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
588 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, NULL,
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
589 &ngroups);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
590
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
591 if (ret != -1 || ngroups <= 0)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
592 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
593 ERRORPRINTF ("Unknown error in getgrouplist call");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
594 return false;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
595 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
596
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
597 groups = xmalloc (((unsigned int)ngroups) * sizeof (gid_t));
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
598
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
599 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, groups,
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
600 &ngroups);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
601
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
602 if (ret != ngroups)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
603 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
604 ERRORPRINTF ("Group length mismatch.");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
605 xfree (groups);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
606 return false;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
607 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
608
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
609 for (i = 0; i < ngroups; i++)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
610 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
611 struct group *gr = getgrgid (groups[i]);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
612 if (gr == NULL)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
613 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
614 ERRORPRINTF ("Error in group enumeration");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
615 xfree (groups);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
616 return false;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
617 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
618 if (strcmp("sudo", gr->gr_name) == 0)
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
619 {
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
620 DEBUGPRINTF ("User is in sudo group \n");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
621 xfree (groups);
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
622 return true;
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
623 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
624 }
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
625
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
626 DEBUGPRINTF ("User is not in sudo group");
c7a35fa302ec Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
627
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
628 return false;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
629 #else
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
630 bool retval = false;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
631 BOOL in_admin_group = FALSE;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
632 HANDLE hToken = NULL;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
633 HANDLE hTokenToCheck = NULL;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
634 DWORD cbSize = 0;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
635 TOKEN_ELEVATION_TYPE elevation;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
636 BYTE admin_id[SECURITY_MAX_SID_SIZE];
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
637
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
638 if (!OpenProcessToken(GetCurrentProcess(),
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
639 TOKEN_QUERY | TOKEN_DUPLICATE, &hToken))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
640 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
641 PRINTLASTERROR ("Failed to duplicate process token.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
642 return false;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
643 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
644
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
645 if (!GetTokenInformation(hToken, TokenElevationType, &elevation,
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
646 sizeof(elevation), &cbSize))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
647 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
648 PRINTLASTERROR ("Failed to get token information.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
649 goto done;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
650 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
651
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
652 /* If limited check the the linked token instead */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
653 if (TokenElevationTypeLimited == elevation)
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
654 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
655 if (!GetTokenInformation(hToken, TokenLinkedToken, &hTokenToCheck,
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
656 sizeof(hTokenToCheck), &cbSize))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
657 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
658 PRINTLASTERROR ("Failed to get the linked token.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
659 goto done;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
660 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
661 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
662
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
663 if (!hTokenToCheck) /* The linked token is already of the correct type */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
664 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
665 if (!DuplicateToken(hToken, SecurityIdentification, &hTokenToCheck))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
666 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
667 PRINTLASTERROR ("Failed to duplicate token for identification.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
668 goto done;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
669 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
670 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
671
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
672 /* Do the sid dance for the adminSID */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
673 cbSize = sizeof(admin_id);
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
674 if (!CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, &admin_id,
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
675 &cbSize))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
676 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
677 PRINTLASTERROR ("Failed to get admin sid.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
678 goto done;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
679 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
680
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
681 /* The actual check */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
682 if (!CheckTokenMembership(hTokenToCheck, &admin_id, &in_admin_group))
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
683 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
684 PRINTLASTERROR ("Failed to check token membership.\n");
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
685 goto done;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
686 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
687
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
688 if (in_admin_group)
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
689 {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
690 /* Winbool to standard bool */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
691 retval = true;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
692 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
693
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
694 done:
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
695 if (hToken) CloseHandle(hToken);
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
696 if (hTokenToCheck) CloseHandle(hTokenToCheck);
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
697
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
698 return retval;
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
699 #endif
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
700 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
701
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
702 #ifdef WIN32
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
703 bool
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
704 create_restricted_directory (LPWSTR path, bool objects_should_inherit, PACL *rACL)
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
705 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
706 bool retval = false;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
707 PSID everyone_SID = NULL,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
708 admin_SID = NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
709 PACL access_control_list = NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
710 PSECURITY_DESCRIPTOR descriptor = NULL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
711 EXPLICIT_ACCESS explicit_access[2];
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
712 SID_IDENTIFIER_AUTHORITY world_identifier = {SECURITY_WORLD_SID_AUTHORITY},
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
713 admin_identifier = {SECURITY_NT_AUTHORITY};
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
714 SECURITY_ATTRIBUTES security_attributes;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
715
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
716 ZeroMemory(&security_attributes, sizeof(security_attributes));
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
717 ZeroMemory(&explicit_access, 2 * sizeof(EXPLICIT_ACCESS));
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
718
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
719 /* Create a well-known SID for the Everyone group. */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
720 if(!AllocateAndInitializeSid(&world_identifier, /* top-level identifier */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
721 1, /* subauthorties count */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
722 SECURITY_WORLD_RID, /* Only one authority */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
723 0, 0, 0, 0, 0, 0, 0, /* No other authorities*/
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
724 &everyone_SID))
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
725 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
726 PRINTLASTERROR ("Failed to allocate world sid.\n");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
727 return false;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
728 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
729
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
730 /* Initialize the first EXPLICIT_ACCESS structure for an ACE.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
731 to allow everyone read access */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
732 explicit_access[0].grfAccessPermissions = GENERIC_READ; /* Give read access */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
733 explicit_access[0].grfAccessMode = SET_ACCESS; /* Overwrite other access for all users */
1070
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
734 explicit_access[0].grfInheritance = objects_should_inherit ?
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
735 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
736 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
737 explicit_access[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
738 explicit_access[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
739 explicit_access[0].Trustee.ptstrName = (LPTSTR) everyone_SID;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
740
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
741 /* Create the SID for the BUILTIN\Administrators group. */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
742 if(!AllocateAndInitializeSid(&admin_identifier,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
743 2,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
744 SECURITY_BUILTIN_DOMAIN_RID, /*BUILTIN\ */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
745 DOMAIN_ALIAS_RID_ADMINS, /*\Administrators */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
746 0, 0, 0, 0, 0, 0, /* No other */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
747 &admin_SID))
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
748 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
749 PRINTLASTERROR ("Failed to allocate admin sid.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
750 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
751 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
752
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
753 /* explicit_access[1] grants admins full rights for this object and inherits
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
754 it to the children */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
755 explicit_access[1].grfAccessPermissions = GENERIC_ALL;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
756 explicit_access[1].grfAccessMode = SET_ACCESS;
1070
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
757 explicit_access[1].grfInheritance = objects_should_inherit ?
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
758 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1031
diff changeset
759 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
760 explicit_access[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
761 explicit_access[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
762 explicit_access[1].Trustee.ptstrName = (LPTSTR) admin_SID;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
763
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
764 /* Set up the ACL structure. */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
765 if (ERROR_SUCCESS != SetEntriesInAcl(2, explicit_access, NULL, &access_control_list))
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
766 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
767 PRINTLASTERROR ("Failed to set up Acl.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
768 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
769 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
770
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
771 /* Initialize a security descriptor */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
772 descriptor = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
773 SECURITY_DESCRIPTOR_MIN_LENGTH);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
774 if (descriptor == NULL)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
775 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
776 PRINTLASTERROR("Failed to allocate descriptor.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
777 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
778 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
779
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
780 if (!InitializeSecurityDescriptor(descriptor,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
781 SECURITY_DESCRIPTOR_REVISION))
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
782 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
783 PRINTLASTERROR("Failed to initialize descriptor.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
784 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
785 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
786
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
787 /* Now we add the ACL to the the descriptor */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
788 if (!SetSecurityDescriptorDacl(descriptor,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
789 TRUE, /* bDaclPresent flag */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
790 access_control_list,
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
791 FALSE)) /* not a default DACL */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
792 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
793 PRINTLASTERROR("Failed to set security descriptor.");
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
794 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
795 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
796
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
797 /* Finally set up the security attributes structure */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
798 security_attributes.nLength = sizeof (SECURITY_ATTRIBUTES);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
799 security_attributes.lpSecurityDescriptor = descriptor;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
800 security_attributes.bInheritHandle = FALSE;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
801
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
802 /* Use the security attributes to create the directory */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
803 if (!CreateDirectoryW(path, &security_attributes))
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
804 {
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
805 DWORD err = GetLastError();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
806 if (err == ERROR_ALREADY_EXISTS)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
807 {
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
808 if (!objects_should_inherit)
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
809 {
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
810 /* This means it is a parent directory of something and
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
811 we should not touch the DACL. */
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
812 retval = true;
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
813 goto done;
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
814 }
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
815
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
816 /* Set our ACL on the directory */
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
817 err = SetNamedSecurityInfoW (path,
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
818 SE_FILE_OBJECT,
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
819 DACL_SECURITY_INFORMATION |
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
820 OWNER_SECURITY_INFORMATION |
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
821 GROUP_SECURITY_INFORMATION,
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
822 admin_SID, /* owner */
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
823 admin_SID, /* group */
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
824 access_control_list, /* the dacl */
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
825 NULL);
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
826 if (err != ERROR_SUCCESS)
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
827 {
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
828 ERRORPRINTF ("Failed to set security info on folder. Err: %lu", err);
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
829 goto done;
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
830 }
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
831 }
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
832 else
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
833 {
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
834 ERRORPRINTF ("Failed to create directory. Err: %lu", err);
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
835 goto done;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
836 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
837 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
838 retval = true;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
839
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
840 done:
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
841
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
842 if (retval != true)
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
843 {
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
844 ERRORPRINTF ("Failed to create directory for NSS installer instructions.");
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
845 syslog_error_printf ("Failed to create directory for NSS installer instructions.");
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
846 }
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
847 else if (rACL)
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
848 {
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
849 *rACL = access_control_list;
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
850 }
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
851
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
852
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
853 if (everyone_SID)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
854 FreeSid(everyone_SID);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
855 if (admin_SID)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
856 FreeSid(admin_SID);
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1162
diff changeset
857 if (!rACL && access_control_list)
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
858 LocalFree(access_control_list);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
859 if (descriptor)
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
860 LocalFree(descriptor);
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
861
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
862 return retval;
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
863 }
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
864 #endif
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
865
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
866 #ifdef WIN32
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
867 /** @brief get a restricted access token
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
868 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
869 * This function uses the Software Restriction API to obtain the
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
870 * access token for a process run als normal user.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
871 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
872 * @returns A restricted handle or NULL on error.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
873 */
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
874 HANDLE
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
875 get_restricted_token()
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
876 {
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
877 SAFER_LEVEL_HANDLE user_level = NULL;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
878 HANDLE retval = NULL;
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
879 SID_IDENTIFIER_AUTHORITY medium_identifier = {SECURITY_MANDATORY_LABEL_AUTHORITY};
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
880 PSID medium_sid = NULL;
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
881 TOKEN_MANDATORY_LABEL integrity_label;
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
882
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
883 memset (&integrity_label, 0, sizeof (integrity_label));
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
884
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
885 if (!SaferCreateLevel(SAFER_SCOPEID_USER,
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
886 SAFER_LEVELID_NORMALUSER,
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
887 SAFER_LEVEL_OPEN, &user_level, NULL))
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
888 {
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
889 PRINTLASTERROR ("Failed to create user level.\n");
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
890 return NULL;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
891 }
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
892
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
893 if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
894 {
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
895 SaferCloseLevel(user_level);
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
896 return NULL;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
897 }
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
898
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
899 SaferCloseLevel(user_level);
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
900
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
901 /* Set the SID to medium it will still be high otherwise. Even if
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
902 there is no high access allowed. */
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
903 if (!AllocateAndInitializeSid(&medium_identifier,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
904 1,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
905 SECURITY_MANDATORY_MEDIUM_RID,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
906 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
907 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
908 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
909 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
910 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
911 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
912 0,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
913 &medium_sid))
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
914 {
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
915 PRINTLASTERROR ("Failed to initialize sid.\n");
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
916 return NULL;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
917 }
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
918
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
919 integrity_label.Label.Attributes = SE_GROUP_INTEGRITY;
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
920 integrity_label.Label.Sid = medium_sid;
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
921
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
922 if (!SetTokenInformation(retval,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
923 TokenIntegrityLevel,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
924 &integrity_label,
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
925 sizeof(TOKEN_MANDATORY_LABEL)))
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
926 {
1118
fd85a02d771d (issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1010 1070
diff changeset
927 PRINTLASTERROR ("Failed to set token integrity.\n");
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
928 return NULL;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
929 }
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
930
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
931 return retval;
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
932 }
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
933 #endif

http://wald.intevation.org/projects/trustbridge/