0afc6c16b4c4b270f7ff5d9ab8952df15a6cdc5f
[amitay/samba.git] / source3 / services / services_db.c
1 /* 
2  *  Unix SMB/CIFS implementation.
3  *  Service Control API Implementation
4  * 
5  *  Copyright (C) Marcin Krzysztof Porwit         2005.
6  *  Largely Rewritten by:
7  *  Copyright (C) Gerald (Jerry) Carter           2005.
8  *  
9  *  This program is free software; you can redistribute it and/or modify
10  *  it under the terms of the GNU General Public License as published by
11  *  the Free Software Foundation; either version 3 of the License, or
12  *  (at your option) any later version.
13  *  
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *  
19  *  You should have received a copy of the GNU General Public License
20  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
21  */
22
23 #include "includes.h"
24 #include "services/services.h"
25 #include "registry.h"
26 #include "registry/reg_util_legacy.h"
27 #include "registry/reg_dispatcher.h"
28 #include "registry/reg_objects.h"
29
30 struct rcinit_file_information {
31         char *description;
32 };
33
34 struct service_display_info {
35         const char *servicename;
36         const char *daemon;
37         const char *dispname;
38         const char *description;
39 };
40
41 struct service_display_info builtin_svcs[] = {
42   { "Spooler",        "smbd",   "Print Spooler", "Internal service for spooling files to print devices" },
43   { "NETLOGON",       "smbd",   "Net Logon", "File service providing access to policy and profile data (not remotely manageable)" },
44   { "RemoteRegistry", "smbd",   "Remote Registry Service", "Internal service providing remote access to "
45                                 "the Samba registry" },
46   { "WINS",           "nmbd",   "Windows Internet Name Service (WINS)", "Internal service providing a "
47                                 "NetBIOS point-to-point name server (not remotely manageable)" },
48   { NULL, NULL, NULL, NULL }
49 };
50
51 struct service_display_info common_unix_svcs[] = {
52   { "cups",          NULL, "Common Unix Printing System","Provides unified printing support for all operating systems" },
53   { "postfix",       NULL, "Internet Mail Service",     "Provides support for sending and receiving electonic mail" },
54   { "sendmail",      NULL, "Internet Mail Service",     "Provides support for sending and receiving electonic mail" },
55   { "portmap",       NULL, "TCP Port to RPC PortMapper",NULL },
56   { "xinetd",        NULL, "Internet Meta-Daemon",      NULL },
57   { "inet",          NULL, "Internet Meta-Daemon",      NULL },
58   { "xntpd",         NULL, "Network Time Service",      NULL },
59   { "ntpd",          NULL, "Network Time Service",      NULL },
60   { "lpd",           NULL, "BSD Print Spooler",         NULL },
61   { "nfsserver",     NULL, "Network File Service",      NULL },
62   { "cron",          NULL, "Scheduling Service",        NULL },
63   { "at",            NULL, "Scheduling Service",        NULL },
64   { "nscd",          NULL, "Name Service Cache Daemon", NULL },
65   { "slapd",         NULL, "LDAP Directory Service",    NULL },
66   { "ldap",          NULL, "LDAP DIrectory Service",    NULL },
67   { "ypbind",        NULL, "NIS Directory Service",     NULL },
68   { "courier-imap",  NULL, "IMAP4 Mail Service",        NULL },
69   { "courier-pop3",  NULL, "POP3 Mail Service",         NULL },
70   { "named",         NULL, "Domain Name Service",       NULL },
71   { "bind",          NULL, "Domain Name Service",       NULL },
72   { "httpd",         NULL, "HTTP Server",               NULL },
73   { "apache",        NULL, "HTTP Server",               "Provides s highly scalable and flexible web server "
74                                                         "capable of implementing various protocols incluing "
75                                                         "but not limited to HTTP" },
76   { "autofs",        NULL, "Automounter",               NULL },
77   { "squid",         NULL, "Web Cache Proxy ",          NULL },
78   { "perfcountd",    NULL, "Performance Monitoring Daemon", NULL },
79   { "pgsql",         NULL, "PgSQL Database Server",     "Provides service for SQL database from Postgresql.org" },
80   { "arpwatch",      NULL, "ARP Tables watcher",        "Provides service for monitoring ARP tables for changes" },
81   { "dhcpd",         NULL, "DHCP Server",               "Provides service for dynamic host configuration and IP assignment" },
82   { "nwserv",        NULL, "NetWare Server Emulator",   "Provides service for emulating Novell NetWare 3.12 server" },
83   { "proftpd",       NULL, "Professional FTP Server",   "Provides high configurable service for FTP connection and "
84                                                         "file transferring" },
85   { "ssh2",          NULL, "SSH Secure Shell",          "Provides service for secure connection for remote administration" },
86   { "sshd",          NULL, "SSH Secure Shell",          "Provides service for secure connection for remote administration" },
87   { NULL, NULL, NULL, NULL }
88 };
89
90
91 /********************************************************************
92 ********************************************************************/
93
94 static struct security_descriptor* construct_service_sd( TALLOC_CTX *ctx )
95 {
96         struct security_ace ace[4];
97         size_t i = 0;
98         struct security_descriptor *sd = NULL;
99         struct security_acl *theacl = NULL;
100         size_t sd_size;
101
102         /* basic access for Everyone */
103
104         init_sec_ace(&ace[i++], &global_sid_World,
105                 SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_READ_ACCESS, 0);
106
107         init_sec_ace(&ace[i++], &global_sid_Builtin_Power_Users,
108                         SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_EXECUTE_ACCESS, 0);
109
110         init_sec_ace(&ace[i++], &global_sid_Builtin_Server_Operators,
111                 SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
112         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
113                 SEC_ACE_TYPE_ACCESS_ALLOWED, SERVICE_ALL_ACCESS, 0);
114
115         /* create the security descriptor */
116
117         if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
118                 return NULL;
119
120         if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
121                                   SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
122                                   theacl, &sd_size)) )
123                 return NULL;
124
125         return sd;
126 }
127
128 /********************************************************************
129  This is where we do the dirty work of filling in things like the
130  Display name, Description, etc...
131 ********************************************************************/
132
133 static char *get_common_service_dispname( const char *servicename )
134 {
135         int i;
136
137         for ( i=0; common_unix_svcs[i].servicename; i++ ) {
138                 if (strequal(servicename, common_unix_svcs[i].servicename)) {
139                         char *dispname;
140                         if (asprintf(&dispname,
141                                 "%s (%s)",
142                                 common_unix_svcs[i].dispname,
143                                 common_unix_svcs[i].servicename) < 0) {
144                                 return NULL;
145                         }
146                         return dispname;
147                 }
148         }
149
150         return SMB_STRDUP(servicename );
151 }
152
153 /********************************************************************
154 ********************************************************************/
155
156 static char *cleanup_string( const char *string )
157 {
158         char *clean = NULL;
159         char *begin, *end;
160         TALLOC_CTX *ctx = talloc_tos();
161
162         clean = talloc_strdup(ctx, string);
163         if (!clean) {
164                 return NULL;
165         }
166         begin = clean;
167
168         /* trim any beginning whilespace */
169
170         while (isspace(*begin)) {
171                 begin++;
172         }
173
174         if (*begin == '\0') {
175                 return NULL;
176         }
177
178         /* trim any trailing whitespace or carriage returns.
179            Start at the end and move backwards */
180
181         end = begin + strlen(begin) - 1;
182
183         while ( isspace(*end) || *end=='\n' || *end=='\r' ) {
184                 *end = '\0';
185                 end--;
186         }
187
188         return begin;
189 }
190
191 /********************************************************************
192 ********************************************************************/
193
194 static bool read_init_file( const char *servicename, struct rcinit_file_information **service_info )
195 {
196         struct rcinit_file_information *info = NULL;
197         char *filepath = NULL;
198         char str[1024];
199         XFILE *f = NULL;
200         char *p = NULL;
201
202         if ( !(info = TALLOC_ZERO_P( NULL, struct rcinit_file_information ) ) )
203                 return False;
204
205         /* attempt the file open */
206
207         filepath = talloc_asprintf(info, "%s/%s/%s", get_dyn_MODULESDIR(),
208                                 SVCCTL_SCRIPT_DIR, servicename);
209         if (!filepath) {
210                 TALLOC_FREE(info);
211                 return false;
212         }
213         if (!(f = x_fopen( filepath, O_RDONLY, 0 ))) {
214                 DEBUG(0,("read_init_file: failed to open [%s]\n", filepath));
215                 TALLOC_FREE(info);
216                 return false;
217         }
218
219         while ( (x_fgets( str, sizeof(str)-1, f )) != NULL ) {
220                 /* ignore everything that is not a full line
221                    comment starting with a '#' */
222
223                 if ( str[0] != '#' )
224                         continue;
225
226                 /* Look for a line like '^#.*Description:' */
227
228                 if ( (p = strstr( str, "Description:" )) != NULL ) {
229                         char *desc;
230
231                         p += strlen( "Description:" ) + 1;
232                         if ( !p )
233                                 break;
234
235                         if ( (desc = cleanup_string(p)) != NULL )
236                                 info->description = talloc_strdup( info, desc );
237                 }
238         }
239
240         x_fclose( f );
241
242         if ( !info->description )
243                 info->description = talloc_strdup( info, "External Unix Service" );
244
245         *service_info = info;
246         TALLOC_FREE(filepath);
247
248         return True;
249 }
250
251 /********************************************************************
252  This is where we do the dirty work of filling in things like the
253  Display name, Description, etc...
254 ********************************************************************/
255
256 static void fill_service_values(const char *name, struct regval_ctr *values)
257 {
258         char *dname, *ipath, *description;
259         uint32 dword;
260         int i;
261
262         /* These values are hardcoded in all QueryServiceConfig() replies.
263            I'm just storing them here for cosmetic purposes */
264
265         dword = SVCCTL_AUTO_START;
266         regval_ctr_addvalue( values, "Start", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
267
268         dword = SERVICE_TYPE_WIN32_OWN_PROCESS;
269         regval_ctr_addvalue( values, "Type", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
270
271         dword = SVCCTL_SVC_ERROR_NORMAL;
272         regval_ctr_addvalue( values, "ErrorControl", REG_DWORD, (uint8 *)&dword, sizeof(uint32));
273
274         /* everything runs as LocalSystem */
275
276         regval_ctr_addvalue_sz(values, "ObjectName", "LocalSystem");
277
278         /* special considerations for internal services and the DisplayName value */
279
280         for ( i=0; builtin_svcs[i].servicename; i++ ) {
281                 if ( strequal( name, builtin_svcs[i].servicename ) ) {
282                         ipath = talloc_asprintf(talloc_tos(), "%s/%s/%s",
283                                         get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR,
284                                         builtin_svcs[i].daemon);
285                         description = talloc_strdup(talloc_tos(), builtin_svcs[i].description);
286                         dname = talloc_strdup(talloc_tos(), builtin_svcs[i].dispname);
287                         break;
288                 }
289         }
290
291         /* default to an external service if we haven't found a match */
292
293         if ( builtin_svcs[i].servicename == NULL ) {
294                 char *dispname = NULL;
295                 struct rcinit_file_information *init_info = NULL;
296
297                 ipath = talloc_asprintf(talloc_tos(), "%s/%s/%s",
298                                         get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR,
299                                         name);
300
301                 /* lookup common unix display names */
302                 dispname = get_common_service_dispname(name);
303                 dname = talloc_strdup(talloc_tos(), dispname ? dispname : "");
304                 SAFE_FREE(dispname);
305
306                 /* get info from init file itself */
307                 if ( read_init_file( name, &init_info ) ) {
308                         description = talloc_strdup(talloc_tos(), init_info->description);
309                         TALLOC_FREE( init_info );
310                 }
311                 else {
312                         description = talloc_strdup(talloc_tos(), "External Unix Service");
313                 }
314         }
315
316         /* add the new values */
317
318         regval_ctr_addvalue_sz(values, "DisplayName", dname);
319         regval_ctr_addvalue_sz(values, "ImagePath", ipath);
320         regval_ctr_addvalue_sz(values, "Description", description);
321
322         TALLOC_FREE(dname);
323         TALLOC_FREE(ipath);
324         TALLOC_FREE(description);
325
326         return;
327 }
328
329 /********************************************************************
330 ********************************************************************/
331
332 static void add_new_svc_name(struct registry_key_handle *key_parent,
333                              struct regsubkey_ctr *subkeys,
334                              const char *name )
335 {
336         struct registry_key_handle *key_service = NULL, *key_secdesc = NULL;
337         WERROR wresult;
338         char *path = NULL;
339         struct regval_ctr *values = NULL;
340         struct regsubkey_ctr *svc_subkeys = NULL;
341         struct security_descriptor *sd = NULL;
342         DATA_BLOB sd_blob;
343         NTSTATUS status;
344
345         /* add to the list and create the subkey path */
346
347         regsubkey_ctr_addkey( subkeys, name );
348         store_reg_keys( key_parent, subkeys );
349
350         /* open the new service key */
351
352         if (asprintf(&path, "%s\\%s", KEY_SERVICES, name) < 0) {
353                 return;
354         }
355         wresult = regkey_open_internal( NULL, &key_service, path,
356                                         get_root_nt_token(), REG_KEY_ALL );
357         if ( !W_ERROR_IS_OK(wresult) ) {
358                 DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
359                         path, win_errstr(wresult)));
360                 SAFE_FREE(path);
361                 return;
362         }
363         SAFE_FREE(path);
364
365         /* add the 'Security' key */
366
367         wresult = regsubkey_ctr_init(key_service, &svc_subkeys);
368         if (!W_ERROR_IS_OK(wresult)) {
369                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
370                 TALLOC_FREE( key_service );
371                 return;
372         }
373
374         fetch_reg_keys( key_service, svc_subkeys );
375         regsubkey_ctr_addkey( svc_subkeys, "Security" );
376         store_reg_keys( key_service, svc_subkeys );
377
378         /* now for the service values */
379
380         wresult = regval_ctr_init(key_service, &values);
381         if (!W_ERROR_IS_OK(wresult)) {
382                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
383                 TALLOC_FREE( key_service );
384                 return;
385         }
386
387         fill_service_values( name, values );
388         store_reg_values( key_service, values );
389
390         /* cleanup the service key*/
391
392         TALLOC_FREE( key_service );
393
394         /* now add the security descriptor */
395
396         if (asprintf(&path, "%s\\%s\\%s", KEY_SERVICES, name, "Security") < 0) {
397                 return;
398         }
399         wresult = regkey_open_internal( NULL, &key_secdesc, path,
400                                         get_root_nt_token(), REG_KEY_ALL );
401         if ( !W_ERROR_IS_OK(wresult) ) {
402                 DEBUG(0,("add_new_svc_name: key lookup failed! [%s] (%s)\n",
403                         path, win_errstr(wresult)));
404                 TALLOC_FREE( key_secdesc );
405                 SAFE_FREE(path);
406                 return;
407         }
408         SAFE_FREE(path);
409
410         wresult = regval_ctr_init(key_secdesc, &values);
411         if (!W_ERROR_IS_OK(wresult)) {
412                 DEBUG(0,("add_new_svc_name: talloc() failed!\n"));
413                 TALLOC_FREE( key_secdesc );
414                 return;
415         }
416
417         if ( !(sd = construct_service_sd(key_secdesc)) ) {
418                 DEBUG(0,("add_new_svc_name: Failed to create default sec_desc!\n"));
419                 TALLOC_FREE( key_secdesc );
420                 return;
421         }
422
423         status = marshall_sec_desc(key_secdesc, sd, &sd_blob.data,
424                                    &sd_blob.length);
425         if (!NT_STATUS_IS_OK(status)) {
426                 DEBUG(0, ("marshall_sec_desc failed: %s\n",
427                           nt_errstr(status)));
428                 TALLOC_FREE(key_secdesc);
429                 return;
430         }
431
432         regval_ctr_addvalue(values, "Security", REG_BINARY,
433                             sd_blob.data, sd_blob.length);
434         store_reg_values( key_secdesc, values );
435
436         TALLOC_FREE( key_secdesc );
437
438         return;
439 }
440
441 /********************************************************************
442 ********************************************************************/
443
444 void svcctl_init_keys( void )
445 {
446         const char **service_list = lp_svcctl_list();
447         int i;
448         struct regsubkey_ctr *subkeys = NULL;
449         struct registry_key_handle *key = NULL;
450         WERROR wresult;
451
452         /* bad mojo here if the lookup failed.  Should not happen */
453
454         wresult = regkey_open_internal( NULL, &key, KEY_SERVICES,
455                                         get_root_nt_token(), REG_KEY_ALL );
456
457         if ( !W_ERROR_IS_OK(wresult) ) {
458                 DEBUG(0,("svcctl_init_keys: key lookup failed! (%s)\n",
459                         win_errstr(wresult)));
460                 return;
461         }
462
463         /* lookup the available subkeys */
464
465         wresult = regsubkey_ctr_init(key, &subkeys);
466         if (!W_ERROR_IS_OK(wresult)) {
467                 DEBUG(0,("svcctl_init_keys: talloc() failed!\n"));
468                 TALLOC_FREE( key );
469                 return;
470         }
471
472         fetch_reg_keys( key, subkeys );
473
474         /* the builtin services exist */
475
476         for ( i=0; builtin_svcs[i].servicename; i++ )
477                 add_new_svc_name( key, subkeys, builtin_svcs[i].servicename );
478
479         for ( i=0; service_list && service_list[i]; i++ ) {
480
481                 /* only add new services */
482                 if ( regsubkey_ctr_key_exists( subkeys, service_list[i] ) )
483                         continue;
484
485                 /* Add the new service key and initialize the appropriate values */
486
487                 add_new_svc_name( key, subkeys, service_list[i] );
488         }
489
490         TALLOC_FREE( key );
491
492         /* initialize the control hooks */
493
494         init_service_op_table();
495
496         return;
497 }
498
499 /********************************************************************
500  This is where we do the dirty work of filling in things like the
501  Display name, Description, etc...Always return a default secdesc
502  in case of any failure.
503 ********************************************************************/
504
505 struct security_descriptor *svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, struct security_token *token )
506 {
507         struct registry_key_handle *key = NULL;
508         struct regval_ctr *values = NULL;
509         struct regval_blob *val = NULL;
510         struct security_descriptor *ret_sd = NULL;
511         char *path= NULL;
512         WERROR wresult;
513         NTSTATUS status;
514
515         /* now add the security descriptor */
516
517         if (asprintf(&path, "%s\\%s\\%s", KEY_SERVICES, name, "Security") < 0) {
518                 return NULL;
519         }
520         wresult = regkey_open_internal( NULL, &key, path, token,
521                                         REG_KEY_ALL );
522         if ( !W_ERROR_IS_OK(wresult) ) {
523                 DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
524                         path, win_errstr(wresult)));
525                 goto done;
526         }
527
528         wresult = regval_ctr_init(key, &values);
529         if (!W_ERROR_IS_OK(wresult)) {
530                 DEBUG(0,("svcctl_get_secdesc: talloc() failed!\n"));
531                 goto done;
532         }
533
534         if (fetch_reg_values( key, values ) == -1) {
535                 DEBUG(0, ("Error getting registry values\n"));
536                 goto done;
537         }
538
539         if ( !(val = regval_ctr_getvalue( values, "Security" )) ) {
540                 goto fallback_to_default_sd;
541         }
542
543         /* stream the service security descriptor */
544
545         status = unmarshall_sec_desc(ctx, regval_data_p(val),
546                                      regval_size(val), &ret_sd);
547
548         if (NT_STATUS_IS_OK(status)) {
549                 goto done;
550         }
551
552 fallback_to_default_sd:
553         DEBUG(6, ("svcctl_get_secdesc: constructing default secdesc for "
554                   "service [%s]\n", name));
555         ret_sd = construct_service_sd(ctx);
556
557 done:
558         SAFE_FREE(path);
559         TALLOC_FREE(key);
560         return ret_sd;
561 }
562
563 /********************************************************************
564  Wrapper to make storing a Service sd easier
565 ********************************************************************/
566
567 bool svcctl_set_secdesc( TALLOC_CTX *ctx, const char *name, struct security_descriptor *sec_desc, struct security_token *token )
568 {
569         struct registry_key_handle *key = NULL;
570         WERROR wresult;
571         char *path = NULL;
572         struct regval_ctr *values = NULL;
573         DATA_BLOB blob;
574         NTSTATUS status;
575         bool ret = False;
576
577         /* now add the security descriptor */
578
579         if (asprintf(&path, "%s\\%s\\%s", KEY_SERVICES, name, "Security") < 0) {
580                 return false;
581         }
582         wresult = regkey_open_internal( NULL, &key, path, token,
583                                         REG_KEY_ALL );
584         if ( !W_ERROR_IS_OK(wresult) ) {
585                 DEBUG(0,("svcctl_get_secdesc: key lookup failed! [%s] (%s)\n",
586                         path, win_errstr(wresult)));
587                 SAFE_FREE(path);
588                 return False;
589         }
590         SAFE_FREE(path);
591
592         wresult = regval_ctr_init(key, &values);
593         if (!W_ERROR_IS_OK(wresult)) {
594                 DEBUG(0,("svcctl_set_secdesc: talloc() failed!\n"));
595                 TALLOC_FREE( key );
596                 return False;
597         }
598
599         /* stream the printer security descriptor */
600
601         status = marshall_sec_desc(ctx, sec_desc, &blob.data, &blob.length);
602         if (!NT_STATUS_IS_OK(status)) {
603                 DEBUG(0,("svcctl_set_secdesc: ndr_push_struct_blob() failed!\n"));
604                 TALLOC_FREE( key );
605                 return False;
606         }
607
608         regval_ctr_addvalue( values, "Security", REG_BINARY, blob.data, blob.length);
609         ret = store_reg_values( key, values );
610
611         /* cleanup */
612
613         TALLOC_FREE( key);
614
615         return ret;
616 }
617
618 /********************************************************************
619 ********************************************************************/
620
621 const char *svcctl_lookup_dispname(TALLOC_CTX *ctx, const char *name, struct security_token *token )
622 {
623         const char *display_name = NULL;
624         struct registry_key_handle *key = NULL;
625         struct regval_ctr *values = NULL;
626         struct regval_blob *val = NULL;
627         char *path = NULL;
628         WERROR wresult;
629         DATA_BLOB blob;
630
631         /* now add the security descriptor */
632
633         if (asprintf(&path, "%s\\%s", KEY_SERVICES, name) < 0) {
634                 return NULL;
635         }
636         wresult = regkey_open_internal( NULL, &key, path, token,
637                                         REG_KEY_READ );
638         if ( !W_ERROR_IS_OK(wresult) ) {
639                 DEBUG(0,("svcctl_lookup_dispname: key lookup failed! [%s] (%s)\n", 
640                         path, win_errstr(wresult)));
641                 SAFE_FREE(path);
642                 goto fail;
643         }
644         SAFE_FREE(path);
645
646         wresult = regval_ctr_init(key, &values);
647         if (!W_ERROR_IS_OK(wresult)) {
648                 DEBUG(0,("svcctl_lookup_dispname: talloc() failed!\n"));
649                 TALLOC_FREE( key );
650                 goto fail;
651         }
652
653         fetch_reg_values( key, values );
654
655         if ( !(val = regval_ctr_getvalue( values, "DisplayName" )) )
656                 goto fail;
657
658         blob = data_blob_const(regval_data_p(val), regval_size(val));
659         pull_reg_sz(ctx, &blob, &display_name);
660
661         TALLOC_FREE( key );
662
663         return display_name;
664
665 fail:
666         /* default to returning the service name */
667         TALLOC_FREE( key );
668         return talloc_strdup(ctx, name);
669 }
670
671 /********************************************************************
672 ********************************************************************/
673
674 const char *svcctl_lookup_description(TALLOC_CTX *ctx, const char *name, struct security_token *token )
675 {
676         const char *description = NULL;
677         struct registry_key_handle *key = NULL;
678         struct regval_ctr *values = NULL;
679         struct regval_blob *val = NULL;
680         char *path = NULL;
681         WERROR wresult;
682         DATA_BLOB blob;
683
684         /* now add the security descriptor */
685
686         if (asprintf(&path, "%s\\%s", KEY_SERVICES, name) < 0) {
687                 return NULL;
688         }
689         wresult = regkey_open_internal( NULL, &key, path, token,
690                                         REG_KEY_READ );
691         if ( !W_ERROR_IS_OK(wresult) ) {
692                 DEBUG(0,("svcctl_lookup_description: key lookup failed! [%s] (%s)\n", 
693                         path, win_errstr(wresult)));
694                 SAFE_FREE(path);
695                 return NULL;
696         }
697         SAFE_FREE(path);
698
699         wresult = regval_ctr_init(key, &values);
700         if (!W_ERROR_IS_OK(wresult)) {
701                 DEBUG(0,("svcctl_lookup_description: talloc() failed!\n"));
702                 TALLOC_FREE( key );
703                 return NULL;
704         }
705
706         fetch_reg_values( key, values );
707
708         if ( !(val = regval_ctr_getvalue( values, "Description" )) ) {
709                 TALLOC_FREE( key );
710                 return "Unix Service";
711         }
712
713         blob = data_blob_const(regval_data_p(val), regval_size(val));
714         pull_reg_sz(ctx, &blob, &description);
715
716         TALLOC_FREE(key);
717
718         return description;
719 }
720
721
722 /********************************************************************
723 ********************************************************************/
724
725 struct regval_ctr *svcctl_fetch_regvalues(const char *name, struct security_token *token)
726 {
727         struct registry_key_handle *key = NULL;
728         struct regval_ctr *values = NULL;
729         char *path = NULL;
730         WERROR wresult;
731
732         /* now add the security descriptor */
733
734         if (asprintf(&path, "%s\\%s", KEY_SERVICES, name) < 0) {
735                 return NULL;
736         }
737         wresult = regkey_open_internal( NULL, &key, path, token,
738                                         REG_KEY_READ );
739         if ( !W_ERROR_IS_OK(wresult) ) {
740                 DEBUG(0,("svcctl_fetch_regvalues: key lookup failed! [%s] (%s)\n",
741                         path, win_errstr(wresult)));
742                 SAFE_FREE(path);
743                 return NULL;
744         }
745         SAFE_FREE(path);
746
747         wresult = regval_ctr_init(NULL, &values);
748         if (!W_ERROR_IS_OK(wresult)) {
749                 DEBUG(0,("svcctl_fetch_regvalues: talloc() failed!\n"));
750                 TALLOC_FREE( key );
751                 return NULL;
752         }
753         fetch_reg_values( key, values );
754
755         TALLOC_FREE( key );
756         return values;
757 }