2 * Unix SMB/CIFS implementation.
4 * Eventlog RPC server keys initialization
6 * Copyright (c) 2005 Marcin Krzysztof Porwit
7 * Copyright (c) 2005 Brian Moran
8 * Copyright (c) 2005 Gerald (Jerry) Carter
9 * Copyright (c) 2011 Andreas Schneider <asn@samba.org>
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
26 #include "../librpc/gen_ndr/ndr_winreg_c.h"
27 #include "rpc_client/cli_winreg_int.h"
28 #include "rpc_client/cli_winreg.h"
29 #include "rpc_server/eventlog/srv_eventlog_reg.h"
33 #define DBGC_CLASS DBGC_REGISTRY
35 #define TOP_LEVEL_EVENTLOG_KEY "SYSTEM\\CurrentControlSet\\Services\\Eventlog"
37 bool eventlog_init_winreg(struct messaging_context *msg_ctx)
39 struct dcerpc_binding_handle *h = NULL;
40 uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
41 struct policy_handle hive_hnd, key_hnd;
42 uint32_t uiMaxSize = 0x00080000;
43 uint32_t uiRetention = 0x93A80;
44 const char **elogs = lp_eventlog_list();
45 const char **subkeys = NULL;
46 uint32_t num_subkeys = 0;
50 WERROR result = WERR_OK;
54 tmp_ctx = talloc_stackframe();
55 if (tmp_ctx == NULL) {
59 DEBUG(3, ("Initialise the eventlog registry keys if needed.\n"));
61 key = talloc_strdup(tmp_ctx, TOP_LEVEL_EVENTLOG_KEY);
63 status = dcerpc_winreg_int_hklm_openkey(tmp_ctx,
64 get_session_info_system(),
73 if (!NT_STATUS_IS_OK(status)) {
74 DEBUG(0, ("eventlog_init_winreg: Could not open %s - %s\n",
75 key, nt_errstr(status)));
78 if (!W_ERROR_IS_OK(result)) {
79 DEBUG(0, ("eventlog_init_winreg: Could not open %s - %s\n",
80 key, win_errstr(result)));
84 status = dcerpc_winreg_enum_keys(tmp_ctx,
90 if (!NT_STATUS_IS_OK(status)) {
91 DEBUG(0, ("eventlog_init_winreg: Could enum keys at %s - %s\n",
92 key, nt_errstr(status)));
95 if (!W_ERROR_IS_OK(result)) {
96 DEBUG(0, ("eventlog_init_winreg: Could enum keys at %s - %s\n",
97 key, win_errstr(result)));
101 if (is_valid_policy_hnd(&key_hnd)) {
102 dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
105 /* create subkeys if they don't exist */
106 while (elogs && *elogs) {
107 enum winreg_CreateAction action = REG_ACTION_NONE;
108 char *evt_tdb = NULL;
109 struct winreg_String wkey;
110 struct winreg_String wkeyclass;
113 for (i = 0; i < num_subkeys; i++) {
114 if (strequal(subkeys[i], *elogs)) {
124 ZERO_STRUCT(key_hnd);
127 wkey.name = talloc_asprintf(tmp_ctx, "%s\\%s", key, *elogs);
128 if (wkey.name == NULL) {
133 ZERO_STRUCT(wkeyclass);
137 status = dcerpc_winreg_CreateKey(h,
148 if (!NT_STATUS_IS_OK(status)) {
149 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
150 wkey.name, nt_errstr(status)));
153 if (!W_ERROR_IS_OK(result)) {
154 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
155 wkey.name, win_errstr(result)));
159 status = dcerpc_winreg_set_dword(tmp_ctx,
166 status = dcerpc_winreg_set_dword(tmp_ctx,
173 status = dcerpc_winreg_set_sz(tmp_ctx,
180 evt_tdb = talloc_asprintf(tmp_ctx,
181 "%%SystemRoot%%\\system32\\config\\%s.tdb",
183 if (evt_tdb == NULL) {
186 status = dcerpc_winreg_set_expand_sz(tmp_ctx,
192 TALLOC_FREE(evt_tdb);
194 status = dcerpc_winreg_add_multi_sz(tmp_ctx,
201 if (is_valid_policy_hnd(&key_hnd)) {
202 dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
207 uint32_t uiCategoryCount = 0x00000007;
209 wkey.name = talloc_asprintf(tmp_ctx,
212 if (wkey.name == NULL) {
217 status = dcerpc_winreg_CreateKey(h,
228 if (!NT_STATUS_IS_OK(status)) {
229 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
230 wkey.name, nt_errstr(status)));
233 if (!W_ERROR_IS_OK(result)) {
234 DEBUG(0, ("eventlog_init_winreg_keys: Could not create key %s: %s\n",
235 wkey.name, win_errstr(result)));
239 status = dcerpc_winreg_set_dword(tmp_ctx,
246 status = dcerpc_winreg_set_expand_sz(tmp_ctx,
249 "CategoryMessageFile",
250 "%SystemRoot%\\system32\\eventlog.dll",
253 if (is_valid_policy_hnd(&key_hnd)) {
254 dcerpc_winreg_CloseKey(h, tmp_ctx, &key_hnd, &result);
263 TALLOC_FREE(tmp_ctx);
267 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */