path: root/sys/src/cmd/cifs/sid2name.c
blob: 694ff317f597bf70f357b3400c889162d03cc9b2 (plain)
#include <u.h>
#include <libc.h>
#include <auth.h>
#include <fcall.h>
#include <thread.h>
#include <9p.h>
#include "cifs.h"

/*
 * Table mapping textual Windows security identifiers (SIDs) to short
 * display names.  It is consulted by sid2name(), which walks it from
 * the top and returns on the first hit, so the order of entries matters.
 *
 *	name	label returned to the caller
 *	auth	SID text; compared in full when rid is nil, otherwise
 *		compared as a leading prefix of the SID
 *	rid	nil, or the text of the SID's last '-' separated component
 *
 * NOTE(review): entries with a non-nil rid and the short auth "S-1-5"
 * apply to any SID under that prefix whose last component matches, so
 * the label only reflects the trailing number, not the issuing domain.
 * Treat the resulting names as display hints, not as identity proof.
 */
struct {		/* Well known security IDs */
	char	*name;
	char	*auth;
	char	*rid;
} known[] = {
	/* default local users */
	{ "lu.dialup",			"S-1-5-1",	nil },
	{ "lu.network",			"S-1-5-2",	nil },
	{ "lu.batch",			"S-1-5-3",	nil },
	{ "lu.interactive",		"S-1-5-4",	nil },
	{ "lu.service",			"S-1-5-6",	nil },
	{ "lu.anon",			"S-1-5-7",	nil },
	{ "lu.DC",			"S-1-5-8",	nil },
	{ "lu.enterprise-domain",	"S-1-5-9",	nil },
	{ "lu.self",			"S-1-5-10",	nil },
	{ "lu.authenticated",		"S-1-5-11",	nil },
	{ "lu.restricted",		"S-1-5-12",	nil },
	{ "lu.terminal-services",	"S-1-5-13",	nil },
	{ "lu.remote-desktop",		"S-1-5-14",	nil },
	{ "lu.local-system",		"S-1-5-18",	nil },
	{ "lu.local-service",		"S-1-5-19",	nil },
	{ "lu.network-service",		"S-1-5-20",	nil },
	{ "lu.builtin",			"S-1-5-32",	nil },

	/* default local groups */
	{ "lg.null",			"S-1-0-0",	nil },
	{ "lg.world",			"S-1-1-0",	nil },
	{ "lg.local",			"S-1-2-0",	nil },
	{ "lg.creator-owner",		"S-1-3-0",	nil },
	{ "lg.creator-group",		"S-1-3-1",	nil },
	{ "lg.creator-owner-server",	"S-1-3-2",	nil },
	{ "lg.creator-group-server",	"S-1-3-3",	nil },

	/* default domain users */
	{ "du.admin", 			"S-1-5",	"500" },
	{ "du.guest",			"S-1-5",	"501" },
	{ "du.kerberos",		"S-1-5",	"502" },

	/*
	 * default domain groups
	 * NOTE(review): the first two entries use the auth "S-1-5-21",
	 * the rest the broader "S-1-5"; confirm the difference is intended.
	 */
	{ "dg.admins", 			"S-1-5-21",	"512" },
	{ "dg.users",			"S-1-5-21",	"513" },
	{ "dg.guests",			"S-1-5",	"514" },
	{ "dg.computers",		"S-1-5",	"515" },
	{ "dg.controllers",		"S-1-5",	"516" },
	{ "dg.cert-admins",		"S-1-5",	"517" },
	{ "dg.schema-admins",		"S-1-5",	"518" },
	{ "dg.enterprise-admins",	"S-1-5",	"519" },
	{ "dg.group-policy-admins",	"S-1-5",	"520" },
	{ "dg.remote-access",		"S-1-5",	"553" },

	/* default domain aliases */
	{ "da.admins",			"S-1-5",	"544" },
	{ "da.users",			"S-1-5",	"545" },
	{ "da.guests",			"S-1-5",	"546" },
	{ "da.power-users",		"S-1-5",	"547" },
	{ "da.account-operators",	"S-1-5",	"548" },
	{ "da.server-operators",	"S-1-5",	"549" },
	{ "da.print-operators",		"S-1-5",	"550" },
	{ "da.backup-operators",	"S-1-5",	"551" },
	{ "da.replicator",		"S-1-5",	"552" },
	/*
	 * NOTE(review): same auth and rid as "dg.remote-access" above;
	 * that entry comes first, so this one is never returned.
	 */
	{ "da.RAS-servers",		"S-1-5",	"553" },

};

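/*
 * Translate a textual SID into a display name.
 *
 * Returns a fresh estrdup9p() copy of:
 *	"-"		if sid is nil, holds no '-', or ends in '-';
 *	a known[] name	if an entry matches (first match wins);
 *	the last SID component otherwise.
 *
 * Entries without a rid must equal the whole SID.  Entries with a rid
 * match when auth is a prefix of the SID that ends on a '-' boundary
 * and the SID's last component equals rid.  The boundary test stops
 * an auth such as "S-1-5" from matching an unrelated authority such
 * as "S-1-50-...", which would otherwise be shown under a well known
 * (possibly administrative) name.
 */
static char *
sid2name(char *sid)
{
	int i, n;
	char *rid;

	if(sid == nil || (rid = strrchr(sid, '-')) == nil || *++rid == 0)
		return estrdup9p("-");

	for(i = 0; i < nelem(known); i++){
		if(known[i].rid == nil){
			/* fixed SID: the whole string has to be identical */
			if(strcmp(known[i].auth, sid) == 0)
				return estrdup9p(known[i].name);
			continue;
		}

		/*
		 * sid[n] is only read after strncmp() has shown that sid
		 * holds at least n characters, so the index is in bounds.
		 */
		n = strlen(known[i].auth);
		if(strncmp(known[i].auth, sid, n) == 0 && sid[n] == '-' &&
		    strcmp(known[i].rid, rid) == 0)
			return estrdup9p(known[i].name);
	}

	return estrdup9p(rid);
}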

/*
 * Replace d->uid and d->gid with names derived from the owner and
 * group SIDs of path on share sp.
 *
 * Any previous d->uid and d->gid are freed first.  If the file cannot
 * be opened with READ_CONTROL access both fields become "unknown".
 * Otherwise the SIDs obtained via TNTquerysecurity() are passed to
 * sid2name(); a SID left nil comes back from sid2name() as "-".
 *
 * NOTE(review): the result of TNTquerysecurity() is not checked, and
 * usid/gsid are not released here; confirm who owns those strings.
 * NOTE(review): the SID text presumably originates from the server's
 * reply, so the names stored here are display hints only - confirm
 * that no access decision is based on them.
 */
void
upd_names(Session *s, Share *sp, char *path, Dir *d)
{
	int fh, result;
	char *usid, *gsid;
	FInfo fi;

	/* drop the old names; free(nil) does nothing */
	free(d->uid);
	free(d->gid);

	fh = CIFS_NT_opencreate(s, sp, path, 0, 0, 0, READ_CONTROL,
		FILE_SHARE_ALL, FILE_OPEN, &result, &fi);
	if(fh == -1){
		d->uid = estrdup9p("unknown");
		d->gid = estrdup9p("unknown");
		return;
	}

	usid = gsid = nil;
	TNTquerysecurity(s, sp, fh, &usid, &gsid);
	d->uid = sid2name(usid);
	d->gid = sid2name(gsid);

	/* fh is a valid handle on this path, so always close it */
	CIFSclose(s, sp, fh);
}