2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
5 * Copyright (C) Marcin Krzysztof Porwit 2005.
7 * Largely Rewritten (Again) by:
8 * Copyright (C) Gerald (Jerry) Carter 2005.
9 * Copyright (C) Guenther Deschner 2008,2009.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 #include "../librpc/gen_ndr/srv_svcctl.h"
27 #include "services/services.h"
29 #include "registry/reg_objects.h"
32 #define DBGC_CLASS DBGC_RPC_SRV
34 struct service_control_op {
36 SERVICE_CONTROL_OPS *ops;
39 /* handle external services */
40 extern SERVICE_CONTROL_OPS rcinit_svc_ops;
42 /* builtin services (see service_db.c and services/svc_*.c */
43 extern SERVICE_CONTROL_OPS spoolss_svc_ops;
44 extern SERVICE_CONTROL_OPS netlogon_svc_ops;
45 extern SERVICE_CONTROL_OPS winreg_svc_ops;
46 extern SERVICE_CONTROL_OPS wins_svc_ops;
48 /* make sure this number patches the number of builtin
49 SERVICE_CONTROL_OPS structure listed above */
51 #define SVCCTL_NUM_INTERNAL_SERVICES 4
53 struct service_control_op *svcctl_ops;
55 static const struct generic_mapping scm_generic_map =
56 { SC_MANAGER_READ_ACCESS, SC_MANAGER_WRITE_ACCESS, SC_MANAGER_EXECUTE_ACCESS, SC_MANAGER_ALL_ACCESS };
57 static const struct generic_mapping svc_generic_map =
58 { SERVICE_READ_ACCESS, SERVICE_WRITE_ACCESS, SERVICE_EXECUTE_ACCESS, SERVICE_ALL_ACCESS };
61 /********************************************************************
62 ********************************************************************/
64 bool init_service_op_table( void )
66 const char **service_list = lp_svcctl_list();
67 int num_services = SVCCTL_NUM_INTERNAL_SERVICES + str_list_length( service_list );
70 if ( !(svcctl_ops = TALLOC_ARRAY( NULL, struct service_control_op, num_services+1)) ) {
71 DEBUG(0,("init_service_op_table: talloc() failed!\n"));
75 /* services listed in smb.conf get the rc.init interface */
77 for ( i=0; service_list && service_list[i]; i++ ) {
78 svcctl_ops[i].name = talloc_strdup( svcctl_ops, service_list[i] );
79 svcctl_ops[i].ops = &rcinit_svc_ops;
82 /* add builtin services */
84 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "Spooler" );
85 svcctl_ops[i].ops = &spoolss_svc_ops;
88 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "NETLOGON" );
89 svcctl_ops[i].ops = &netlogon_svc_ops;
92 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "RemoteRegistry" );
93 svcctl_ops[i].ops = &winreg_svc_ops;
96 svcctl_ops[i].name = talloc_strdup( svcctl_ops, "WINS" );
97 svcctl_ops[i].ops = &wins_svc_ops;
100 /* NULL terminate the array */
102 svcctl_ops[i].name = NULL;
103 svcctl_ops[i].ops = NULL;
108 /********************************************************************
109 ********************************************************************/
111 static struct service_control_op* find_service_by_name( const char *name )
115 for ( i=0; svcctl_ops[i].name; i++ ) {
116 if ( strequal( name, svcctl_ops[i].name ) )
117 return &svcctl_ops[i];
122 /********************************************************************
123 ********************************************************************/
125 static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, NT_USER_TOKEN *token,
126 uint32 access_desired, uint32 *access_granted )
128 if ( geteuid() == sec_initial_uid() ) {
129 DEBUG(5,("svcctl_access_check: using root's token\n"));
130 token = get_root_nt_token();
133 return se_access_check( sec_desc, token, access_desired, access_granted);
136 /********************************************************************
137 ********************************************************************/
139 static struct security_descriptor* construct_scm_sd( TALLOC_CTX *ctx )
141 struct security_ace ace[2];
143 struct security_descriptor *sd;
144 struct security_acl *theacl;
147 /* basic access for Everyone */
149 init_sec_ace(&ace[i++], &global_sid_World,
150 SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_READ_ACCESS, 0);
152 /* Full Access 'BUILTIN\Administrators' */
154 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
155 SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_ALL_ACCESS, 0);
158 /* create the security descriptor */
160 if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
163 if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
164 SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
171 /******************************************************************
172 Find a registry key handle and return a SERVICE_INFO
173 *****************************************************************/
175 static SERVICE_INFO *find_service_info_by_hnd(pipes_struct *p, struct policy_handle *hnd)
177 SERVICE_INFO *service_info = NULL;
179 if( !find_policy_by_hnd( p, hnd, (void **)(void *)&service_info) ) {
180 DEBUG(2,("find_service_info_by_hnd: handle not found\n"));
187 /******************************************************************
188 *****************************************************************/
190 static WERROR create_open_service_handle( pipes_struct *p, struct policy_handle *handle, uint32 type,
191 const char *service, uint32 access_granted )
193 SERVICE_INFO *info = NULL;
194 WERROR result = WERR_OK;
195 struct service_control_op *s_op;
197 if ( !(info = TALLOC_ZERO_P( NULL, SERVICE_INFO )) )
200 /* the Service Manager has a NULL name */
202 info->type = SVC_HANDLE_IS_SCM;
205 case SVC_HANDLE_IS_SCM:
206 info->type = SVC_HANDLE_IS_SCM;
209 case SVC_HANDLE_IS_DBLOCK:
210 info->type = SVC_HANDLE_IS_DBLOCK;
213 case SVC_HANDLE_IS_SERVICE:
214 info->type = SVC_HANDLE_IS_SERVICE;
216 /* lookup the SERVICE_CONTROL_OPS */
218 if ( !(s_op = find_service_by_name( service )) ) {
219 result = WERR_NO_SUCH_SERVICE;
223 info->ops = s_op->ops;
225 if ( !(info->name = talloc_strdup( info, s_op->name )) ) {
232 result = WERR_NO_SUCH_SERVICE;
236 info->access_granted = access_granted;
238 /* store the SERVICE_INFO and create an open handle */
240 if ( !create_policy_hnd( p, handle, info ) ) {
241 result = WERR_ACCESS_DENIED;
246 if ( !W_ERROR_IS_OK(result) )
252 /********************************************************************
253 _svcctl_OpenSCManagerW
254 ********************************************************************/
256 WERROR _svcctl_OpenSCManagerW(pipes_struct *p,
257 struct svcctl_OpenSCManagerW *r)
259 struct security_descriptor *sec_desc;
260 uint32 access_granted = 0;
263 /* perform access checks */
265 if ( !(sec_desc = construct_scm_sd( p->mem_ctx )) )
268 se_map_generic( &r->in.access_mask, &scm_generic_map );
269 status = svcctl_access_check( sec_desc, p->server_info->ptok,
270 r->in.access_mask, &access_granted );
271 if ( !NT_STATUS_IS_OK(status) )
272 return ntstatus_to_werror( status );
274 return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SCM, NULL, access_granted );
277 /********************************************************************
279 ********************************************************************/
281 WERROR _svcctl_OpenServiceW(pipes_struct *p,
282 struct svcctl_OpenServiceW *r)
284 struct security_descriptor *sec_desc;
285 uint32 access_granted = 0;
287 const char *service = NULL;
289 service = r->in.ServiceName;
293 DEBUG(5, ("_svcctl_OpenServiceW: Attempting to open Service [%s], \n", service));
295 /* based on my tests you can open a service if you have a valid scm handle */
297 if ( !find_service_info_by_hnd( p, r->in.scmanager_handle) )
300 /* perform access checks. Use the root token in order to ensure that we
301 retrieve the security descriptor */
303 if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) )
306 se_map_generic( &r->in.access_mask, &svc_generic_map );
307 status = svcctl_access_check( sec_desc, p->server_info->ptok,
308 r->in.access_mask, &access_granted );
309 if ( !NT_STATUS_IS_OK(status) )
310 return ntstatus_to_werror( status );
312 return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SERVICE, service, access_granted );
315 /********************************************************************
316 _svcctl_CloseServiceHandle
317 ********************************************************************/
319 WERROR _svcctl_CloseServiceHandle(pipes_struct *p,
320 struct svcctl_CloseServiceHandle *r)
322 if ( !close_policy_hnd( p, r->in.handle ) )
325 ZERO_STRUCTP(r->out.handle);
330 /********************************************************************
331 _svcctl_GetServiceDisplayNameW
332 ********************************************************************/
334 WERROR _svcctl_GetServiceDisplayNameW(pipes_struct *p,
335 struct svcctl_GetServiceDisplayNameW *r)
338 const char *display_name;
339 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
341 /* can only use an SCM handle here */
343 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
346 service = r->in.service_name;
348 display_name = svcctl_lookup_dispname(p->mem_ctx, service,
349 p->server_info->ptok);
354 *r->out.display_name = display_name;
355 *r->out.display_name_length = strlen(display_name);
360 /********************************************************************
361 _svcctl_QueryServiceStatus
362 ********************************************************************/
364 WERROR _svcctl_QueryServiceStatus(pipes_struct *p,
365 struct svcctl_QueryServiceStatus *r)
367 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
369 /* perform access checks */
371 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
374 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
375 return WERR_ACCESS_DENIED;
377 /* try the service specific status call */
379 return info->ops->service_status( info->name, r->out.service_status );
382 /********************************************************************
383 ********************************************************************/
385 static int enumerate_status( TALLOC_CTX *ctx, struct ENUM_SERVICE_STATUSW **status, NT_USER_TOKEN *token )
387 int num_services = 0;
389 struct ENUM_SERVICE_STATUSW *st;
390 const char *display_name;
393 while ( svcctl_ops[num_services].name )
396 if ( !(st = TALLOC_ARRAY( ctx, struct ENUM_SERVICE_STATUSW, num_services )) ) {
397 DEBUG(0,("enumerate_status: talloc() failed!\n"));
401 for ( i=0; i<num_services; i++ ) {
402 st[i].service_name = talloc_strdup(st, svcctl_ops[i].name );
404 display_name = svcctl_lookup_dispname(ctx, svcctl_ops[i].name, token );
405 st[i].display_name = talloc_strdup(st, display_name ? display_name : "");
407 svcctl_ops[i].ops->service_status( svcctl_ops[i].name, &st[i].status );
415 /********************************************************************
416 _svcctl_EnumServicesStatusW
417 ********************************************************************/
419 WERROR _svcctl_EnumServicesStatusW(pipes_struct *p,
420 struct svcctl_EnumServicesStatusW *r)
422 struct ENUM_SERVICE_STATUSW *services = NULL;
425 size_t buffer_size = 0;
426 WERROR result = WERR_OK;
427 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
428 NT_USER_TOKEN *token = p->server_info->ptok;
429 DATA_BLOB blob = data_blob_null;
431 /* perform access checks */
433 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
436 if ( !(info->access_granted & SC_RIGHT_MGR_ENUMERATE_SERVICE) ) {
437 return WERR_ACCESS_DENIED;
440 num_services = enumerate_status( p->mem_ctx, &services, token );
441 if (num_services == -1 ) {
445 for ( i=0; i<num_services; i++ ) {
446 buffer_size += ndr_size_ENUM_SERVICE_STATUSW(&services[i], 0);
449 buffer_size += buffer_size % 4;
451 if (buffer_size > r->in.offered) {
453 result = WERR_MORE_DATA;
456 if ( W_ERROR_IS_OK(result) ) {
458 enum ndr_err_code ndr_err;
459 struct ndr_push *ndr;
461 ndr = ndr_push_init_ctx(p->mem_ctx);
463 return WERR_INVALID_PARAM;
466 ndr_err = ndr_push_ENUM_SERVICE_STATUSW_array(
467 ndr, num_services, services);
468 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
469 return ntstatus_to_werror(ndr_map_error2ntstatus(ndr_err));
471 blob = ndr_push_blob(ndr);
472 memcpy(r->out.service, blob.data, MIN(blob.length, r->in.offered));
475 *r->out.needed = (buffer_size > r->in.offered) ? buffer_size : r->in.offered;
476 *r->out.services_returned = (uint32)num_services;
477 if (r->out.resume_handle) {
478 *r->out.resume_handle = 0;
484 /********************************************************************
485 _svcctl_StartServiceW
486 ********************************************************************/
488 WERROR _svcctl_StartServiceW(pipes_struct *p,
489 struct svcctl_StartServiceW *r)
491 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
493 /* perform access checks */
495 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
498 if ( !(info->access_granted & SC_RIGHT_SVC_START) )
499 return WERR_ACCESS_DENIED;
501 return info->ops->start_service( info->name );
504 /********************************************************************
505 _svcctl_ControlService
506 ********************************************************************/
508 WERROR _svcctl_ControlService(pipes_struct *p,
509 struct svcctl_ControlService *r)
511 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
513 /* perform access checks */
515 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
518 switch ( r->in.control ) {
519 case SVCCTL_CONTROL_STOP:
520 if ( !(info->access_granted & SC_RIGHT_SVC_STOP) )
521 return WERR_ACCESS_DENIED;
523 return info->ops->stop_service( info->name,
524 r->out.service_status );
526 case SVCCTL_CONTROL_INTERROGATE:
527 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
528 return WERR_ACCESS_DENIED;
530 return info->ops->service_status( info->name,
531 r->out.service_status );
533 return WERR_INVALID_PARAM;
537 /********************************************************************
538 _svcctl_EnumDependentServicesW
539 ********************************************************************/
541 WERROR _svcctl_EnumDependentServicesW(pipes_struct *p,
542 struct svcctl_EnumDependentServicesW *r)
544 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.service );
546 /* perform access checks */
548 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
551 if ( !(info->access_granted & SC_RIGHT_SVC_ENUMERATE_DEPENDENTS) )
552 return WERR_ACCESS_DENIED;
554 switch (r->in.state) {
555 case SERVICE_STATE_ACTIVE:
556 case SERVICE_STATE_INACTIVE:
557 case SERVICE_STATE_ALL:
560 return WERR_INVALID_PARAM;
563 /* we have to set the outgoing buffer size to the same as the
564 incoming buffer size (even in the case of failure */
565 /* this is done in the autogenerated server already - gd */
567 *r->out.needed = r->in.offered;
569 /* no dependent services...basically a stub function */
570 *r->out.services_returned = 0;
575 /********************************************************************
576 _svcctl_QueryServiceStatusEx
577 ********************************************************************/
579 WERROR _svcctl_QueryServiceStatusEx(pipes_struct *p,
580 struct svcctl_QueryServiceStatusEx *r)
582 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
585 /* perform access checks */
587 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
590 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
591 return WERR_ACCESS_DENIED;
593 /* we have to set the outgoing buffer size to the same as the
594 incoming buffer size (even in the case of failure) */
595 *r->out.needed = r->in.offered;
597 switch ( r->in.info_level ) {
598 case SVC_STATUS_PROCESS_INFO:
600 struct SERVICE_STATUS_PROCESS svc_stat_proc;
601 enum ndr_err_code ndr_err;
604 /* Get the status of the service.. */
605 info->ops->service_status( info->name, &svc_stat_proc.status );
606 svc_stat_proc.process_id = sys_getpid();
607 svc_stat_proc.service_flags = 0x0;
609 ndr_err = ndr_push_struct_blob(&blob, p->mem_ctx, &svc_stat_proc,
610 (ndr_push_flags_fn_t)ndr_push_SERVICE_STATUS_PROCESS);
611 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
612 return WERR_INVALID_PARAM;
615 r->out.buffer = blob.data;
616 buffer_size = sizeof(struct SERVICE_STATUS_PROCESS);
621 return WERR_UNKNOWN_LEVEL;
625 buffer_size += buffer_size % 4;
626 *r->out.needed = (buffer_size > r->in.offered) ? buffer_size : r->in.offered;
628 if (buffer_size > r->in.offered ) {
629 return WERR_INSUFFICIENT_BUFFER;
635 /********************************************************************
636 ********************************************************************/
638 static WERROR fill_svc_config( TALLOC_CTX *ctx, const char *name,
639 struct QUERY_SERVICE_CONFIG *config,
640 NT_USER_TOKEN *token )
642 struct regval_ctr *values;
643 struct regval_blob *val;
645 /* retrieve the registry values for this service */
647 if ( !(values = svcctl_fetch_regvalues( name, token )) )
648 return WERR_REG_CORRUPT;
650 /* now fill in the individual values */
652 if ( (val = regval_ctr_getvalue( values, "DisplayName" )) != NULL )
653 config->displayname = regval_sz(val);
655 config->displayname = name;
657 if ( (val = regval_ctr_getvalue( values, "ObjectName" )) != NULL ) {
658 config->startname = regval_sz(val);
661 if ( (val = regval_ctr_getvalue( values, "ImagePath" )) != NULL ) {
662 config->executablepath = regval_sz(val);
665 /* a few hard coded values */
666 /* loadordergroup and dependencies are empty */
668 config->tag_id = 0x00000000; /* unassigned loadorder group */
669 config->service_type = SERVICE_TYPE_WIN32_OWN_PROCESS;
670 config->error_control = SVCCTL_SVC_ERROR_NORMAL;
672 /* set the start type. NetLogon and WINS are disabled to prevent
673 the client from showing the "Start" button (if of course the services
676 if ( strequal( name, "NETLOGON" ) && ( lp_servicenumber(name) == -1 ) )
677 config->start_type = SVCCTL_DISABLED;
678 else if ( strequal( name, "WINS" ) && ( !lp_wins_support() ))
679 config->start_type = SVCCTL_DISABLED;
681 config->start_type = SVCCTL_DEMAND_START;
684 TALLOC_FREE( values );
689 /********************************************************************
690 _svcctl_QueryServiceConfigW
691 ********************************************************************/
693 WERROR _svcctl_QueryServiceConfigW(pipes_struct *p,
694 struct svcctl_QueryServiceConfigW *r)
696 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
700 /* perform access checks */
702 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
705 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) )
706 return WERR_ACCESS_DENIED;
708 /* we have to set the outgoing buffer size to the same as the
709 incoming buffer size (even in the case of failure */
711 *r->out.needed = r->in.offered;
713 wresult = fill_svc_config( p->mem_ctx, info->name, r->out.query,
714 p->server_info->ptok);
715 if ( !W_ERROR_IS_OK(wresult) )
718 buffer_size = ndr_size_QUERY_SERVICE_CONFIG(r->out.query, 0);
719 *r->out.needed = (buffer_size > r->in.offered) ? buffer_size : r->in.offered;
721 if (buffer_size > r->in.offered ) {
722 ZERO_STRUCTP(r->out.query);
723 return WERR_INSUFFICIENT_BUFFER;
729 /********************************************************************
730 _svcctl_QueryServiceConfig2W
731 ********************************************************************/
733 WERROR _svcctl_QueryServiceConfig2W(pipes_struct *p,
734 struct svcctl_QueryServiceConfig2W *r)
736 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
739 /* perform access checks */
741 if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
744 if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) )
745 return WERR_ACCESS_DENIED;
747 /* we have to set the outgoing buffer size to the same as the
748 incoming buffer size (even in the case of failure */
749 *r->out.needed = r->in.offered;
751 switch ( r->in.info_level ) {
752 case SERVICE_CONFIG_DESCRIPTION:
754 struct SERVICE_DESCRIPTION desc_buf;
755 const char *description;
756 enum ndr_err_code ndr_err;
759 description = svcctl_lookup_description(
760 p->mem_ctx, info->name, p->server_info->ptok);
762 desc_buf.description = description;
764 ndr_err = ndr_push_struct_blob(&blob, p->mem_ctx, &desc_buf,
765 (ndr_push_flags_fn_t)ndr_push_SERVICE_DESCRIPTION);
766 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
767 return WERR_INVALID_PARAM;
770 buffer_size = ndr_size_SERVICE_DESCRIPTION(&desc_buf, 0);
771 r->out.buffer = blob.data;
776 case SERVICE_CONFIG_FAILURE_ACTIONS:
778 struct SERVICE_FAILURE_ACTIONS actions;
779 enum ndr_err_code ndr_err;
782 /* nothing to say...just service the request */
784 ZERO_STRUCT( actions );
786 ndr_err = ndr_push_struct_blob(&blob, p->mem_ctx, &actions,
787 (ndr_push_flags_fn_t)ndr_push_SERVICE_FAILURE_ACTIONS);
788 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
789 return WERR_INVALID_PARAM;
792 buffer_size = ndr_size_SERVICE_FAILURE_ACTIONS(&actions, 0);
793 r->out.buffer = blob.data;
800 return WERR_UNKNOWN_LEVEL;
803 buffer_size += buffer_size % 4;
804 *r->out.needed = (buffer_size > r->in.offered) ? buffer_size : r->in.offered;
806 if (buffer_size > r->in.offered)
807 return WERR_INSUFFICIENT_BUFFER;
812 /********************************************************************
813 _svcctl_LockServiceDatabase
814 ********************************************************************/
816 WERROR _svcctl_LockServiceDatabase(pipes_struct *p,
817 struct svcctl_LockServiceDatabase *r)
819 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
821 /* perform access checks */
823 if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
826 if ( !(info->access_granted & SC_RIGHT_MGR_LOCK) )
827 return WERR_ACCESS_DENIED;
829 /* Just open a handle. Doesn't actually lock anything */
831 return create_open_service_handle( p, r->out.lock, SVC_HANDLE_IS_DBLOCK, NULL, 0 );
834 /********************************************************************
835 _svcctl_UnlockServiceDatabase
836 ********************************************************************/
838 WERROR _svcctl_UnlockServiceDatabase(pipes_struct *p,
839 struct svcctl_UnlockServiceDatabase *r)
841 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.lock );
844 if ( !info || (info->type != SVC_HANDLE_IS_DBLOCK) )
847 return close_policy_hnd( p, r->out.lock) ? WERR_OK : WERR_BADFID;
850 /********************************************************************
851 _svcctl_QueryServiceObjectSecurity
852 ********************************************************************/
854 WERROR _svcctl_QueryServiceObjectSecurity(pipes_struct *p,
855 struct svcctl_QueryServiceObjectSecurity *r)
857 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
858 struct security_descriptor *sec_desc;
860 uint8_t *buffer = NULL;
864 /* only support the SCM and individual services */
866 if ( !info || !(info->type & (SVC_HANDLE_IS_SERVICE|SVC_HANDLE_IS_SCM)) )
869 /* check access reights (according to MSDN) */
871 if ( !(info->access_granted & STD_RIGHT_READ_CONTROL_ACCESS) )
872 return WERR_ACCESS_DENIED;
874 /* TODO: handle something besides DACL_SECURITY_INFORMATION */
876 if ( (r->in.security_flags & DACL_SECURITY_INFORMATION) != DACL_SECURITY_INFORMATION )
877 return WERR_INVALID_PARAM;
879 /* lookup the security descriptor and marshall it up for a reply */
881 if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, info->name, get_root_nt_token() )) )
884 *r->out.needed = ndr_size_security_descriptor(sec_desc, 0);
886 if ( *r->out.needed > r->in.offered) {
887 return WERR_INSUFFICIENT_BUFFER;
890 status = marshall_sec_desc(p->mem_ctx, sec_desc, &buffer, &len);
891 if (!NT_STATUS_IS_OK(status)) {
892 return ntstatus_to_werror(status);
895 *r->out.needed = len;
896 r->out.buffer = buffer;
901 /********************************************************************
902 _svcctl_SetServiceObjectSecurity
903 ********************************************************************/
905 WERROR _svcctl_SetServiceObjectSecurity(pipes_struct *p,
906 struct svcctl_SetServiceObjectSecurity *r)
908 SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle );
909 struct security_descriptor *sec_desc = NULL;
910 uint32 required_access;
913 if ( !info || !(info->type & (SVC_HANDLE_IS_SERVICE|SVC_HANDLE_IS_SCM)) )
916 /* can't set the security de4scriptor on the ServiceControlManager */
918 if ( info->type == SVC_HANDLE_IS_SCM )
919 return WERR_ACCESS_DENIED;
921 /* check the access on the open handle */
923 switch ( r->in.security_flags ) {
924 case DACL_SECURITY_INFORMATION:
925 required_access = STD_RIGHT_WRITE_DAC_ACCESS;
928 case OWNER_SECURITY_INFORMATION:
929 case GROUP_SECURITY_INFORMATION:
930 required_access = STD_RIGHT_WRITE_OWNER_ACCESS;
933 case SACL_SECURITY_INFORMATION:
934 return WERR_INVALID_PARAM;
936 return WERR_INVALID_PARAM;
939 if ( !(info->access_granted & required_access) )
940 return WERR_ACCESS_DENIED;
942 /* read the security descfriptor */
944 status = unmarshall_sec_desc(p->mem_ctx,
948 if (!NT_STATUS_IS_OK(status)) {
949 return ntstatus_to_werror(status);
952 /* store the new SD */
954 if ( !svcctl_set_secdesc( p->mem_ctx, info->name, sec_desc,
955 p->server_info->ptok) )
956 return WERR_ACCESS_DENIED;
962 WERROR _svcctl_DeleteService(pipes_struct *p, struct svcctl_DeleteService *r)
964 p->rng_fault_state = True;
965 return WERR_NOT_SUPPORTED;
968 WERROR _svcctl_SetServiceStatus(pipes_struct *p, struct svcctl_SetServiceStatus *r)
970 p->rng_fault_state = True;
971 return WERR_NOT_SUPPORTED;
974 WERROR _svcctl_NotifyBootConfigStatus(pipes_struct *p, struct svcctl_NotifyBootConfigStatus *r)
976 p->rng_fault_state = True;
977 return WERR_NOT_SUPPORTED;
980 WERROR _svcctl_SCSetServiceBitsW(pipes_struct *p, struct svcctl_SCSetServiceBitsW *r)
982 p->rng_fault_state = True;
983 return WERR_NOT_SUPPORTED;
986 WERROR _svcctl_ChangeServiceConfigW(pipes_struct *p, struct svcctl_ChangeServiceConfigW *r)
988 p->rng_fault_state = True;
989 return WERR_NOT_SUPPORTED;
992 WERROR _svcctl_CreateServiceW(pipes_struct *p, struct svcctl_CreateServiceW *r)
994 p->rng_fault_state = True;
995 return WERR_NOT_SUPPORTED;
998 WERROR _svcctl_QueryServiceLockStatusW(pipes_struct *p, struct svcctl_QueryServiceLockStatusW *r)
1000 p->rng_fault_state = True;
1001 return WERR_NOT_SUPPORTED;
1004 WERROR _svcctl_GetServiceKeyNameW(pipes_struct *p, struct svcctl_GetServiceKeyNameW *r)
1006 p->rng_fault_state = True;
1007 return WERR_NOT_SUPPORTED;
1010 WERROR _svcctl_SCSetServiceBitsA(pipes_struct *p, struct svcctl_SCSetServiceBitsA *r)
1012 p->rng_fault_state = True;
1013 return WERR_NOT_SUPPORTED;
1016 WERROR _svcctl_ChangeServiceConfigA(pipes_struct *p, struct svcctl_ChangeServiceConfigA *r)
1018 p->rng_fault_state = True;
1019 return WERR_NOT_SUPPORTED;
1022 WERROR _svcctl_CreateServiceA(pipes_struct *p, struct svcctl_CreateServiceA *r)
1024 p->rng_fault_state = True;
1025 return WERR_NOT_SUPPORTED;
1028 WERROR _svcctl_EnumDependentServicesA(pipes_struct *p, struct svcctl_EnumDependentServicesA *r)
1030 p->rng_fault_state = True;
1031 return WERR_NOT_SUPPORTED;
1034 WERROR _svcctl_EnumServicesStatusA(pipes_struct *p, struct svcctl_EnumServicesStatusA *r)
1036 p->rng_fault_state = True;
1037 return WERR_NOT_SUPPORTED;
1040 WERROR _svcctl_OpenSCManagerA(pipes_struct *p, struct svcctl_OpenSCManagerA *r)
1042 p->rng_fault_state = True;
1043 return WERR_NOT_SUPPORTED;
1046 WERROR _svcctl_OpenServiceA(pipes_struct *p, struct svcctl_OpenServiceA *r)
1048 p->rng_fault_state = True;
1049 return WERR_NOT_SUPPORTED;
1052 WERROR _svcctl_QueryServiceConfigA(pipes_struct *p, struct svcctl_QueryServiceConfigA *r)
1054 p->rng_fault_state = True;
1055 return WERR_NOT_SUPPORTED;
1058 WERROR _svcctl_QueryServiceLockStatusA(pipes_struct *p, struct svcctl_QueryServiceLockStatusA *r)
1060 p->rng_fault_state = True;
1061 return WERR_NOT_SUPPORTED;
1064 WERROR _svcctl_StartServiceA(pipes_struct *p, struct svcctl_StartServiceA *r)
1066 p->rng_fault_state = True;
1067 return WERR_NOT_SUPPORTED;
1070 WERROR _svcctl_GetServiceDisplayNameA(pipes_struct *p, struct svcctl_GetServiceDisplayNameA *r)
1072 p->rng_fault_state = True;
1073 return WERR_NOT_SUPPORTED;
1076 WERROR _svcctl_GetServiceKeyNameA(pipes_struct *p, struct svcctl_GetServiceKeyNameA *r)
1078 p->rng_fault_state = True;
1079 return WERR_NOT_SUPPORTED;
1082 WERROR _svcctl_GetCurrentGroupeStateW(pipes_struct *p, struct svcctl_GetCurrentGroupeStateW *r)
1084 p->rng_fault_state = True;
1085 return WERR_NOT_SUPPORTED;
1088 WERROR _svcctl_EnumServiceGroupW(pipes_struct *p, struct svcctl_EnumServiceGroupW *r)
1090 p->rng_fault_state = True;
1091 return WERR_NOT_SUPPORTED;
1094 WERROR _svcctl_ChangeServiceConfig2A(pipes_struct *p, struct svcctl_ChangeServiceConfig2A *r)
1096 p->rng_fault_state = True;
1097 return WERR_NOT_SUPPORTED;
1100 WERROR _svcctl_ChangeServiceConfig2W(pipes_struct *p, struct svcctl_ChangeServiceConfig2W *r)
1102 p->rng_fault_state = True;
1103 return WERR_NOT_SUPPORTED;
1106 WERROR _svcctl_QueryServiceConfig2A(pipes_struct *p, struct svcctl_QueryServiceConfig2A *r)
1108 p->rng_fault_state = True;
1109 return WERR_NOT_SUPPORTED;
1112 WERROR _EnumServicesStatusExA(pipes_struct *p, struct EnumServicesStatusExA *r)
1114 p->rng_fault_state = True;
1115 return WERR_NOT_SUPPORTED;
1118 WERROR _EnumServicesStatusExW(pipes_struct *p, struct EnumServicesStatusExW *r)
1120 p->rng_fault_state = True;
1121 return WERR_NOT_SUPPORTED;
1124 WERROR _svcctl_SCSendTSMessage(pipes_struct *p, struct svcctl_SCSendTSMessage *r)
1126 p->rng_fault_state = True;
1127 return WERR_NOT_SUPPORTED;