Mercurial > trustbridge
annotate common/util.c @ 1316:ff9cd05e861e
(issue166) Fix certificiate removal
The index that should be removed came from the filter proxy model
and did not map to the real index. This was broken.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 13 Oct 2014 17:23:35 +0200 |
| parents | 2bacaec6e101 |
| children | 8362e30f7b55 |
| rev | line source |
|---|---|
| 404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
| 2 * Software engineering by Intevation GmbH | |
| 3 * | |
| 4 * This file is Free Software under the GNU GPL (v>=2) | |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | |
| 6 * See LICENSE.txt for details. | |
| 7 */ | |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #include "util.h" |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
9 #include "logging.h" |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
10 #include "strhelp.h" |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
11 |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
12 #ifndef _WIN32 |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
13 #include <unistd.h> |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
14 #include <sys/types.h> |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
15 #include <pwd.h> |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
16 #include <grp.h> |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
17 #include <string.h> |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
18 #else |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
19 #include <winsafer.h> |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
20 #include <windows.h> |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
21 #include <accctrl.h> |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
22 #include <aclapi.h> |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
23 #include <shlobj.h> |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
24 #endif |
|
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
25 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
26 #ifndef APPNAME |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
27 #define APPNAME "TrustBridge" |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
28 #endif |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
29 |
|
671
d4766b4922c9
Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
30 #ifdef WIN32 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
31 char* |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
32 read_registry_string (const HKEY root, const wchar_t *key, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
33 const wchar_t *name) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
34 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
35 HKEY key_handle = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
36 DWORD size = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
37 type = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
38 ex_size = 0, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
39 dwRet = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
40 LONG ret = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
41 char *retval = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
42 wchar_t *buf = NULL, |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
43 *ex_buf = NULL; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
44 if (root == NULL || key == NULL || name == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
45 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
46 ERRORPRINTF ("Invalid call to read_registry_string"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
47 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
48 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
49 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
50 ret = RegOpenKeyExW (root, key, 0, KEY_READ, &key_handle); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
51 if (ret != ERROR_SUCCESS) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
52 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
53 ERRORPRINTF ("Failed to open key."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
54 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
55 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
56 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
57 /* Get the size */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
58 ret = RegQueryValueExW (key_handle, name, 0, NULL, NULL, &size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
59 if (ret != ERROR_MORE_DATA && !(ret == ERROR_SUCCESS && size != 0)) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
60 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
61 ERRORPRINTF ("Failed to get required registry size."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
62 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
63 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
64 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
65 /* Size is size in bytes not in characters */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
66 buf = xmalloc (size + sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
67 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
68 /* If the stored value is not zero terminated the returned value also |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
69 is not zero terminated. That's why we reserve more and ensure it's |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
70 initialized. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
71 memset (buf, 0, size + sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
72 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
73 ret = RegQueryValueExW (key_handle, name, 0, &type, (LPBYTE) buf, &size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
74 if (ret != ERROR_SUCCESS) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
75 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
76 ERRORPRINTF ("Failed get registry value."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
77 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
78 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
79 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
80 if (type == REG_SZ || (type == REG_EXPAND_SZ && wcschr (buf, '%') == NULL)) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
81 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
82 /* Nothing to expand, we are done */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
83 retval = wchar_to_utf8 (buf, wcslen (buf)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
84 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
85 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
86 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
87 if (type != REG_EXPAND_SZ) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
88 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
89 ERRORPRINTF ("Unhandled registry type %i", type); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
90 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
91 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
92 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
93 /* Expand the registry string */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
94 ex_size = ExpandEnvironmentStringsW (buf, NULL, 0); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
95 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
96 if (ex_size == 0) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
97 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
98 PRINTLASTERROR ("Failed to determine expanded environment size."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
99 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
100 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
101 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
102 ex_buf = xmalloc ((ex_size + 1) * sizeof(wchar_t)); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
103 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
104 dwRet = ExpandEnvironmentStringsW (buf, ex_buf, ex_size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
105 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
106 ex_buf[ex_size] = '\0'; /* Make sure it's a string */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
107 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
108 if (dwRet == 0 || dwRet != ex_size) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
109 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
110 PRINTLASTERROR ("Failed to expand environment variables."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
111 goto done; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
112 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
113 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
114 retval = wchar_to_utf8 (ex_buf, ex_size); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
115 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
116 done: |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
117 xfree (ex_buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
118 xfree (buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
119 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
120 RegCloseKey (key_handle); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
121 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
122 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
123 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
124 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
125 /** @brief Compare two paths for equality based on the filename. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
126 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
127 * Expand the paths by using GetFullPathName and do a string |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
128 * comparison on the result to check for equality. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
129 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
130 * To be sure if it is really the same file it would be better |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
131 * to open the files and compare the serial number but this |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
132 * suffices for checks that only impact on the options presented |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
133 * to the user (try a system wide installation or not) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
134 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
135 * If one file does not exist the function returns false. If |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
136 * The path is longer then MAX_PATH this function also returns |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
137 * false. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
138 * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
139 * @param [in] path1 first path to compare |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
140 * @paran [in] path2 first path to compare |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
141 * @returns true if the paths are the same. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
142 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
143 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
144 paths_equal (const char *path1, const char *path2) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
145 { |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
146 bool ret = false; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
147 wchar_t buf1[MAX_PATH], |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
148 buf2[MAX_PATH]; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
149 wchar_t *wpath1 = NULL, |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
150 *wpath2 = NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
151 DWORD retval = 0; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
152 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
153 if (!path1 || !path2) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
154 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
155 return false; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
156 } |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
157 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
158 wpath1 = utf8_to_wchar(path1, strnlen(path1, MAX_PATH)); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
159 wpath2 = utf8_to_wchar(path2, strnlen(path2, MAX_PATH)); |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
160 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
161 if (wpath1 == NULL || wpath2 == NULL) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
162 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
163 ERRORPRINTF ("Failed to convert paths to wchar."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
164 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
165 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
166 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
167 retval = GetFullPathNameW (wpath1, MAX_PATH, buf1, NULL); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
168 if (retval >= MAX_PATH || retval != wcsnlen (buf1, MAX_PATH)) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
169 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
170 ERRORPRINTF ("Path1 too long."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
171 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
172 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
173 if (retval == 0) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
174 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
175 PRINTLASTERROR ("Failed to get Full Path name."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
176 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
177 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
178 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
179 retval = GetFullPathNameW (wpath2, MAX_PATH, buf2, NULL); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
180 if (retval >= MAX_PATH || retval != wcsnlen (buf2, MAX_PATH)) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
181 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
182 ERRORPRINTF ("Path2 too long."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
183 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
184 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
185 if (retval == 0) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
186 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
187 PRINTLASTERROR ("Failed to get Full Path name."); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
188 goto done; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
189 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
190 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
191 ret = wcscmp (buf1, buf2) == 0; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
192 done: |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
193 xfree (wpath1); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
194 xfree (wpath2); |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
195 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
196 return ret; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
197 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
198 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
199 char * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
200 get_install_dir() |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
201 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
202 wchar_t wPath[MAX_PATH]; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
203 char *utf8path = NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
204 char *dirsep = NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
205 |
|
904
f89b41fa7048
Fix whitespace errors
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
206 if (!GetModuleFileNameW (NULL, wPath, MAX_PATH - 1)) |
|
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
207 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
208 PRINTLASTERROR ("Failed to obtain module file name. Path too long?"); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
209 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
210 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
211 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
212 /* wPath might not be 0 terminated */ |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
213 wPath[MAX_PATH - 1] = '\0'; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
214 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
215 utf8path = wchar_to_utf8 (wPath, wcsnlen(wPath, MAX_PATH)); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
216 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
217 if (utf8path == NULL) |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
218 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
219 ERRORPRINTF ("Failed to convert module path to utf-8"); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
220 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
221 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
222 |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
223 /* Cut away the executable name */ |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
224 dirsep = strrchr(utf8path, '\\'); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
225 if (dirsep == NULL) |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
226 { |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
227 ERRORPRINTF ("Failed to find directory seperator."); |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
228 return NULL; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
229 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
230 *dirsep = '\0'; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
231 return utf8path; |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
232 } |
|
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
233 |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
234 static PSID |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
235 copy_sid(PSID from) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
236 { |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
237 if (!from) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
238 { |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
239 return 0; |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
240 } |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
241 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
242 DWORD sidLength = GetLengthSid(from); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
243 PSID to = (PSID) xmalloc(sidLength); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
244 CopySid(sidLength, to, from); |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
245 return to; |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
246 } |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
247 |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
248 PSID |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
249 get_process_owner(HANDLE hProcess) |
|
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
250 { |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
251 HANDLE hToken = NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
252 PSID sid; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
253 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
254 if (hProcess == NULL) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
255 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
256 ERRORPRINTF ("invalid call to get_process_owner"); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
257 return NULL; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
258 } |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
259 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
260 OpenProcessToken(hProcess, TOKEN_READ, &hToken); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
261 if (hToken) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
262 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
263 DWORD size = 0; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
264 PTOKEN_USER userStruct; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
265 |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
266 // check how much space is needed |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
267 GetTokenInformation(hToken, TokenUser, NULL, 0, &size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
268 if (ERROR_INSUFFICIENT_BUFFER == GetLastError()) |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
269 { |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
270 userStruct = (PTOKEN_USER) xmalloc (size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
271 GetTokenInformation(hToken, TokenUser, userStruct, size, &size); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
272 |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
273 sid = copy_sid(userStruct->User.Sid); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
274 CloseHandle(hToken); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
275 xfree (userStruct); |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
276 return sid; |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
277 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
278 } |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
279 return NULL; |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
280 } |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
281 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
282 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
283 is_system_install() |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
284 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
285 char *reg_inst_dir = NULL, |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
286 *real_prefix = NULL; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
287 bool ret = false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
288 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
289 reg_inst_dir = read_registry_string (HKEY_LOCAL_MACHINE, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
290 L"Software\\"APPNAME, L""); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
291 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
292 if (reg_inst_dir == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
293 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
294 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
295 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
296 DEBUGPRINTF ("Registered installation directory: %s\n", reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
297 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
298 real_prefix = get_install_dir(); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
299 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
300 if (!real_prefix) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
301 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
302 DEBUGPRINTF ("Failed to obtain installation prefix."); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
303 xfree (reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
304 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
305 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
306 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
307 ret = paths_equal (real_prefix, reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
308 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
309 xfree (real_prefix); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
310 xfree (reg_inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
311 DEBUGPRINTF ("Is system install? %s\n", ret ? "true" : "false"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
312 return ret; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
313 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
314 #else /* WIN32 */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
315 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
316 char * |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
317 get_install_dir() |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
318 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
319 char *retval = NULL, |
|
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
320 *p = NULL, |
|
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
904
diff
changeset
|
321 buf[MAX_PATH_LINUX]; |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
322 ssize_t ret; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
323 size_t path_len = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
324 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
325 ret = readlink ("/proc/self/exe", buf, MAX_PATH_LINUX); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
326 if (ret <= 0) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
327 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
328 ERRORPRINTF ("readlink failed\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
329 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
330 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
331 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
332 buf[ret] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
333 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
334 /* cut off the filename */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
335 p = strrchr (buf, '/'); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
336 if (p == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
337 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
338 ERRORPRINTF ("No filename found.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
339 return NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
340 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
341 *(p + 1) = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
342 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
343 path_len = strlen (buf); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
344 retval = xmalloc (path_len + 1); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
345 strncpy (retval, buf, path_len); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
346 retval[path_len] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
347 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
348 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
349 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
350 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
351 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
352 is_system_install() |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
353 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
354 FILE *system_config; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
355 int read_lines = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
356 char linebuf[MAX_PATH_LINUX + 7], |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
357 * inst_dir = NULL; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
358 bool retval = false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
359 size_t inst_dir_len = 0; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
360 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
361 system_config = fopen ("/etc/"APPNAME"/"APPNAME"-inst.cfg", "r"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
362 if (system_config == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
363 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
364 DEBUGPRINTF ("No system wide install configuration found.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
365 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
366 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
367 inst_dir = get_install_dir (); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
368 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
369 if (inst_dir == NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
370 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
371 ERRORPRINTF ("Failed to find installation directory.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
372 fclose(system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
373 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
374 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
375 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
376 inst_dir_len = strnlen (inst_dir, MAX_PATH_LINUX); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
377 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
378 if (inst_dir_len == 0 || inst_dir_len >= MAX_PATH_LINUX) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
379 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
380 ERRORPRINTF ("Installation directory invalid.\n"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
381 fclose(system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
382 return false; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
383 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
384 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
385 /* Read the first 10 lines and look for PREFIX. if it is not found |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
386 we return false. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
387 while (read_lines < 10 && fgets (linebuf, MAX_PATH_LINUX + 7, |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
388 system_config) != NULL) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
389 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
390 if (str_starts_with (linebuf, "PREFIX=")) |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
391 { |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
392 /* The last character is always a linebreak in a valid system_config |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
393 file so we can strip it. If this is not true the file is invalid. |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
394 linebuf is > 7 atm otherwise prefix= would not have been matched. */ |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
395 linebuf[strlen(linebuf) - 1] = '\0'; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
396 retval = str_starts_with (inst_dir, linebuf + 7); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
397 break; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
398 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
399 read_lines++; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
400 } |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
401 |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
402 fclose (system_config); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
403 xfree (inst_dir); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
404 DEBUGPRINTF ("Is system install? %s\n", retval ? "true" : "false"); |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
405 return retval; |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
406 } |
|
671
d4766b4922c9
Fix linux build
Andre Heinecke <andre.heinecke@intevation.de>
parents:
670
diff
changeset
|
407 #endif |
|
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
644
diff
changeset
|
408 |
|
1031
1f23803e1f83
Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
409 #ifdef WIN32 |
|
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
410 bool |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
411 has_high_integrity(HANDLE hToken) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
412 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
413 PTOKEN_MANDATORY_LABEL integrity_label = NULL; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
414 DWORD integrity_level = 0, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
415 size = 0; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
416 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
417 if (hToken == NULL || hToken == INVALID_HANDLE_VALUE) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
418 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
419 DEBUGPRINTF ("Invalid parameters."); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
420 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
421 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
422 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
423 /* Get the required size */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
424 if (!GetTokenInformation(hToken, TokenIntegrityLevel, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
425 NULL, 0, &size) == ERROR_INSUFFICIENT_BUFFER) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
426 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
427 PRINTLASTERROR ("Failed to get required size.\n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
428 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
429 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
430 integrity_label = (PTOKEN_MANDATORY_LABEL) LocalAlloc(0, size); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
431 if (integrity_label == NULL) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
432 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
433 ERRORPRINTF ("Failed to allocate label. \n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
434 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
435 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
436 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
437 if (!GetTokenInformation(hToken, TokenIntegrityLevel, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
438 integrity_label, size, &size)) |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
439 { |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
440 PRINTLASTERROR ("Failed to get integrity level.\n"); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
441 LocalFree(integrity_label); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
442 return false; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
443 } |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
444 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
445 /* Get the last integrity level */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
446 integrity_level = *GetSidSubAuthority(integrity_label->Label.Sid, |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
447 (DWORD)(UCHAR)(*GetSidSubAuthorityCount( |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
448 integrity_label->Label.Sid) - 1)); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
449 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
450 LocalFree (integrity_label); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
451 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
452 return integrity_level >= SECURITY_MANDATORY_HIGH_RID; |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
453 } |
|
1031
1f23803e1f83
Fix linux build. Has_high_integrity is only implemented for windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1029
diff
changeset
|
454 #endif |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
455 |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
456 static bool g_is_elevated = false; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
457 static bool g_elevated_initalized = false; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
458 |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
459 bool |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
460 is_elevated() |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
461 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
462 bool ret = false; |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
463 if (g_elevated_initalized) |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
464 { |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
465 return g_is_elevated; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
466 } |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
467 #ifndef _WIN32 |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
468 ret = (geteuid() == 0); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
469 #else |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
470 HANDLE hToken = NULL; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
471 if (OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hToken)) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
472 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
473 DWORD elevation; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
474 DWORD cbSize = sizeof (DWORD); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
475 if (GetTokenInformation (hToken, TokenElevation, &elevation, |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
476 sizeof (TokenElevation), &cbSize)) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
477 { |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
478 ret = elevation; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
479 } |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
480 } |
|
1029
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
481 /* Elevation will be true and ElevationType TokenElevationTypeFull even |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
482 if the token is a user token created by SAFER so we additionally |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
483 check the integrity level of the token which will only be high in |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
484 the real elevated process and medium otherwise. */ |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
485 |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
486 ret = ret && has_high_integrity (hToken); |
|
6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
487 |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
488 if (hToken) |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
489 CloseHandle (hToken); |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
490 #endif |
|
1307
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
491 g_is_elevated = ret; |
|
2bacaec6e101
(perf) Use cached values to deterimine elevation.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1306
diff
changeset
|
492 g_elevated_initalized = true; |
|
323
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
493 return ret; |
|
31ba7ed4d50f
Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents:
321
diff
changeset
|
494 } |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
495 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
496 #ifdef _WIN32 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
497 char * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
498 get_program_files_folder () |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
499 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
500 wchar_t *folder_name = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
501 char *retval = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
502 if (SHGetKnownFolderPath (&FOLDERID_ProgramFiles, /* Get program data dir */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
503 KF_FLAG_NO_ALIAS, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
504 INVALID_HANDLE_VALUE, /* Get it for the default user */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
505 &folder_name) != S_OK) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
506 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
507 PRINTLASTERROR ("Failed to get program files folder."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
508 return NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
509 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
510 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
511 retval = wchar_to_utf8 (folder_name, wcslen(folder_name)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
512 CoTaskMemFree (folder_name); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
513 return retval; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
514 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
515 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
516 /* This is a bit ridicoulous but necessary as shlobj.h contains an inline |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
517 definition. So only one C file may include it and thus we have to put |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
518 all our shlobj calls into one file... */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
519 wchar_t * |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
520 get_program_data_folder () |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
521 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
522 wchar_t *folder_name = NULL; |
|
1306
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
523 if (is_elevated()) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
524 { |
|
1306
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
525 if (SHGetKnownFolderPath (&FOLDERID_ProgramData, /* Get program data dir */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
526 KF_FLAG_CREATE | /* Create if it does not exist */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
527 KF_FLAG_INIT, /* Initialize it if created */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
528 INVALID_HANDLE_VALUE, /* Get it for the default user */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
529 &folder_name) != S_OK) |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
530 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
531 PRINTLASTERROR ("Failed to get folder path"); |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
532 return NULL; |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
533 } |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
534 } |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
535 else |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
536 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
537 if (SHGetKnownFolderPath (&FOLDERID_LocalAppData, /* Get program data dir */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
538 KF_FLAG_CREATE | /* Create if it does not exist */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
539 KF_FLAG_INIT, /* Initialize it if created */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
540 NULL, /* Get it for the default user */ |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
541 &folder_name) != S_OK) |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
542 { |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
543 PRINTLASTERROR ("Failed to get folder path"); |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
544 return NULL; |
|
845048d4a69f
(issue159) Use user specific appdata directory for nss list with simple rights.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1208
diff
changeset
|
545 } |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
546 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
547 return folder_name; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
548 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
549 #endif |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
550 |
|
841
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
551 bool |
|
216a65d7fc4b
(issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
552 is_admin() |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
553 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
554 #ifndef _WIN32 |
|
644
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
555 struct passwd *current_user = getpwuid (geteuid()); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
556 int ngroups = 0, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
557 ret = 0, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
558 i = 0; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
559 gid_t * groups = NULL; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
560 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
561 if (current_user == NULL) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
562 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
563 ERRORPRINTF ("Failed to obtain user information."); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
564 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
565 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
566 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
567 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, NULL, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
568 &ngroups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
569 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
570 if (ret != -1 || ngroups <= 0) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
571 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
572 ERRORPRINTF ("Unknown error in getgrouplist call"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
573 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
574 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
575 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
576 groups = xmalloc (((unsigned int)ngroups) * sizeof (gid_t)); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
577 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
578 ret = getgrouplist (current_user->pw_name, current_user->pw_gid, groups, |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
579 &ngroups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
580 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
581 if (ret != ngroups) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
582 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
583 ERRORPRINTF ("Group length mismatch."); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
584 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
585 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
586 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
587 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
588 for (i = 0; i < ngroups; i++) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
589 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
590 struct group *gr = getgrgid (groups[i]); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
591 if (gr == NULL) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
592 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
593 ERRORPRINTF ("Error in group enumeration"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
594 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
595 return false; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
596 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
597 if (strcmp("sudo", gr->gr_name) == 0) |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
598 { |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
599 DEBUGPRINTF ("User is in sudo group \n"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
600 xfree (groups); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
601 return true; |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
602 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
603 } |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
604 |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
605 DEBUGPRINTF ("User is not in sudo group"); |
|
c7a35fa302ec
Check sudo group membership if user to determine if he can elevate privileges
Andre Heinecke <andre.heinecke@intevation.de>
parents:
505
diff
changeset
|
606 |
|
505
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
607 return false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
608 #else |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
609 bool retval = false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
610 BOOL in_admin_group = FALSE; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
611 HANDLE hToken = NULL; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
612 HANDLE hTokenToCheck = NULL; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
613 DWORD cbSize = 0; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
614 TOKEN_ELEVATION_TYPE elevation; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
615 BYTE admin_id[SECURITY_MAX_SID_SIZE]; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
616 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
617 if (!OpenProcessToken(GetCurrentProcess(), |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
618 TOKEN_QUERY | TOKEN_DUPLICATE, &hToken)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
619 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
620 PRINTLASTERROR ("Failed to duplicate process token.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
621 return false; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
622 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
623 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
624 if (!GetTokenInformation(hToken, TokenElevationType, &elevation, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
625 sizeof(elevation), &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
626 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
627 PRINTLASTERROR ("Failed to get token information.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
628 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
629 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
630 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
631 /* If limited check the the linked token instead */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
632 if (TokenElevationTypeLimited == elevation) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
633 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
634 if (!GetTokenInformation(hToken, TokenLinkedToken, &hTokenToCheck, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
635 sizeof(hTokenToCheck), &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
636 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
637 PRINTLASTERROR ("Failed to get the linked token.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
638 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
639 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
640 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
641 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
642 if (!hTokenToCheck) /* The linked token is already of the correct type */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
643 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
644 if (!DuplicateToken(hToken, SecurityIdentification, &hTokenToCheck)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
645 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
646 PRINTLASTERROR ("Failed to duplicate token for identification.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
647 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
648 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
649 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
650 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
651 /* Do the sid dance for the adminSID */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
652 cbSize = sizeof(admin_id); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
653 if (!CreateWellKnownSid(WinBuiltinAdministratorsSid, NULL, &admin_id, |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
654 &cbSize)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
655 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
656 PRINTLASTERROR ("Failed to get admin sid.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
657 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
658 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
659 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
660 /* The actual check */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
661 if (!CheckTokenMembership(hTokenToCheck, &admin_id, &in_admin_group)) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
662 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
663 PRINTLASTERROR ("Failed to check token membership.\n"); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
664 goto done; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
665 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
666 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
667 if (in_admin_group) |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
668 { |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
669 /* Winbool to standard bool */ |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
670 retval = true; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
671 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
672 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
673 done: |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
674 if (hToken) CloseHandle(hToken); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
675 if (hTokenToCheck) CloseHandle(hTokenToCheck); |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
676 |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
677 return retval; |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
678 #endif |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
679 } |
|
78959fd970b0
Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
680 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
681 #ifdef WIN32 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
682 bool |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
683 create_restricted_directory (LPWSTR path, bool objects_should_inherit, PACL *rACL) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
684 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
685 bool retval = false; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
686 PSID everyone_SID = NULL, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
687 admin_SID = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
688 PACL access_control_list = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
689 PSECURITY_DESCRIPTOR descriptor = NULL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
690 EXPLICIT_ACCESS explicit_access[2]; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
691 SID_IDENTIFIER_AUTHORITY world_identifier = {SECURITY_WORLD_SID_AUTHORITY}, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
692 admin_identifier = {SECURITY_NT_AUTHORITY}; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
693 SECURITY_ATTRIBUTES security_attributes; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
694 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
695 ZeroMemory(&security_attributes, sizeof(security_attributes)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
696 ZeroMemory(&explicit_access, 2 * sizeof(EXPLICIT_ACCESS)); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
697 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
698 /* Create a well-known SID for the Everyone group. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
699 if(!AllocateAndInitializeSid(&world_identifier, /* top-level identifier */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
700 1, /* subauthorties count */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
701 SECURITY_WORLD_RID, /* Only one authority */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
702 0, 0, 0, 0, 0, 0, 0, /* No other authorities*/ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
703 &everyone_SID)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
704 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
705 PRINTLASTERROR ("Failed to allocate world sid.\n"); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
706 return false; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
707 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
708 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
709 /* Initialize the first EXPLICIT_ACCESS structure for an ACE. |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
710 to allow everyone read access */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
711 explicit_access[0].grfAccessPermissions = GENERIC_READ; /* Give read access */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
712 explicit_access[0].grfAccessMode = SET_ACCESS; /* Overwrite other access for all users */ |
|
1070
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
713 explicit_access[0].grfInheritance = objects_should_inherit ? |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
714 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */ |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
715 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */ |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
716 explicit_access[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
717 explicit_access[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
718 explicit_access[0].Trustee.ptstrName = (LPTSTR) everyone_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
719 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
720 /* Create the SID for the BUILTIN\Administrators group. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
721 if(!AllocateAndInitializeSid(&admin_identifier, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
722 2, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
723 SECURITY_BUILTIN_DOMAIN_RID, /*BUILTIN\ */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
724 DOMAIN_ALIAS_RID_ADMINS, /*\Administrators */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
725 0, 0, 0, 0, 0, 0, /* No other */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
726 &admin_SID)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
727 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
728 PRINTLASTERROR ("Failed to allocate admin sid."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
729 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
730 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
731 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
732 /* explicit_access[1] grants admins full rights for this object and inherits |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
733 it to the children */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
734 explicit_access[1].grfAccessPermissions = GENERIC_ALL; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
735 explicit_access[1].grfAccessMode = SET_ACCESS; |
|
1070
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
736 explicit_access[1].grfInheritance = objects_should_inherit ? |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
737 SUB_CONTAINERS_AND_OBJECTS_INHERIT : /* make it stick */ |
|
f110a3f6e387
(issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1031
diff
changeset
|
738 NO_PROPAGATE_INHERIT_ACE; /* Don't inherit */ |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
739 explicit_access[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
740 explicit_access[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
741 explicit_access[1].Trustee.ptstrName = (LPTSTR) admin_SID; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
742 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
743 /* Set up the ACL structure. */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
744 if (ERROR_SUCCESS != SetEntriesInAcl(2, explicit_access, NULL, &access_control_list)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
745 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
746 PRINTLASTERROR ("Failed to set up Acl."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
747 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
748 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
749 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
750 /* Initialize a security descriptor */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
751 descriptor = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
752 SECURITY_DESCRIPTOR_MIN_LENGTH); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
753 if (descriptor == NULL) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
754 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
755 PRINTLASTERROR("Failed to allocate descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
756 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
757 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
758 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
759 if (!InitializeSecurityDescriptor(descriptor, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
760 SECURITY_DESCRIPTOR_REVISION)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
761 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
762 PRINTLASTERROR("Failed to initialize descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
763 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
764 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
765 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
766 /* Now we add the ACL to the the descriptor */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
767 if (!SetSecurityDescriptorDacl(descriptor, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
768 TRUE, /* bDaclPresent flag */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
769 access_control_list, |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
770 FALSE)) /* not a default DACL */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
771 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
772 PRINTLASTERROR("Failed to set security descriptor."); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
773 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
774 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
775 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
776 /* Finally set up the security attributes structure */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
777 security_attributes.nLength = sizeof (SECURITY_ATTRIBUTES); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
778 security_attributes.lpSecurityDescriptor = descriptor; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
779 security_attributes.bInheritHandle = FALSE; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
780 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
781 /* Use the security attributes to create the directory */ |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
782 if (!CreateDirectoryW(path, &security_attributes)) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
783 { |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
784 DWORD err = GetLastError(); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
785 if (err == ERROR_ALREADY_EXISTS) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
786 { |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
787 if (!objects_should_inherit) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
788 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
789 /* This means it is a parent directory of something and |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
790 we should not touch the DACL. */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
791 retval = true; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
792 goto done; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
793 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
794 |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
795 /* Set our ACL on the directory */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
796 err = SetNamedSecurityInfoW (path, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
797 SE_FILE_OBJECT, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
798 DACL_SECURITY_INFORMATION | |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
799 OWNER_SECURITY_INFORMATION | |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
800 GROUP_SECURITY_INFORMATION, |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
801 admin_SID, /* owner */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
802 admin_SID, /* group */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
803 access_control_list, /* the dacl */ |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
804 NULL); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
805 if (err != ERROR_SUCCESS) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
806 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
807 ERRORPRINTF ("Failed to set security info on folder. Err: %lu", err); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
808 goto done; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
809 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
810 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
811 else |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
812 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
813 ERRORPRINTF ("Failed to create directory. Err: %lu", err); |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
814 goto done; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
815 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
816 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
817 retval = true; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
818 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
819 done: |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
820 |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
821 if (retval != true) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
822 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
823 ERRORPRINTF ("Failed to create directory for NSS installer instructions."); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
824 syslog_error_printf ("Failed to create directory for NSS installer instructions."); |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
825 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
826 else if (rACL) |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
827 { |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
828 *rACL = access_control_list; |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
829 } |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
830 |
|
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
831 |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
832 if (everyone_SID) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
833 FreeSid(everyone_SID); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
834 if (admin_SID) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
835 FreeSid(admin_SID); |
|
1208
0a803c3fb5a6
(issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1162
diff
changeset
|
836 if (!rACL && access_control_list) |
|
983
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
837 LocalFree(access_control_list); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
838 if (descriptor) |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
839 LocalFree(descriptor); |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
840 |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
841 return retval; |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
842 } |
|
427e2e18b8c8
Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents:
905
diff
changeset
|
843 #endif |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
844 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
845 #ifdef WIN32 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
846 /** @brief get a restricted access token |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
847 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
848 * This function uses the Software Restriction API to obtain the |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
849 * access token for a process run als normal user. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
850 * |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
851 * @returns A restricted handle or NULL on error. |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
852 */ |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
853 HANDLE |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
854 get_restricted_token() |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
855 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
856 SAFER_LEVEL_HANDLE user_level = NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
857 HANDLE retval = NULL; |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
858 SID_IDENTIFIER_AUTHORITY medium_identifier = {SECURITY_MANDATORY_LABEL_AUTHORITY}; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
859 PSID medium_sid = NULL; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
860 TOKEN_MANDATORY_LABEL integrity_label; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
861 |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
862 memset (&integrity_label, 0, sizeof (integrity_label)); |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
863 |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
864 if (!SaferCreateLevel(SAFER_SCOPEID_USER, |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
865 SAFER_LEVELID_NORMALUSER, |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
866 SAFER_LEVEL_OPEN, &user_level, NULL)) |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
867 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
868 PRINTLASTERROR ("Failed to create user level.\n"); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
869 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
870 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
871 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
872 if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
873 { |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
874 SaferCloseLevel(user_level); |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
875 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
876 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
877 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
878 SaferCloseLevel(user_level); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
879 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
880 /* Set the SID to medium it will still be high otherwise. Even if |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
881 there is no high access allowed. */ |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
882 if (!AllocateAndInitializeSid(&medium_identifier, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
883 1, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
884 SECURITY_MANDATORY_MEDIUM_RID, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
885 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
886 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
887 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
888 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
889 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
890 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
891 0, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
892 &medium_sid)) |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
893 { |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
894 PRINTLASTERROR ("Failed to initialize sid.\n"); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
895 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
896 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
897 |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
898 integrity_label.Label.Attributes = SE_GROUP_INTEGRITY; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
899 integrity_label.Label.Sid = medium_sid; |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
900 |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
901 if (!SetTokenInformation(retval, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
902 TokenIntegrityLevel, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
903 &integrity_label, |
|
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
904 sizeof(TOKEN_MANDATORY_LABEL))) |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
905 { |
|
1118
fd85a02d771d
(issue54) Implement a privilege drop to execute the program after installation.
Andre Heinecke <andre.heinecke@intevation.de>
diff
changeset
|
906 PRINTLASTERROR ("Failed to set token integrity.\n"); |
|
1010
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
907 return NULL; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
908 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
909 |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
910 return retval; |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
911 } |
|
1c1964c27b39
(issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
983
diff
changeset
|
912 #endif |