1 #include <u.h>
2 #include <libc.h>
3 #include <auth.h>
4 #include <fcall.h>
5 #include <thread.h>
6 #include <9p.h>
7 #include "cifs.h"
8
/*
 * Well known security IDs, mapped to the short names shown to the user.
 *
 * sid2name() walks this table in order and returns the first match:
 *   - rid == nil: auth must equal the whole SID string;
 *   - rid != nil: auth must be a leading part of the SID and rid must
 *     equal the SID's last '-'-separated component.
 * Because the first match wins, entry order matters.
 */
struct {
	char	*name;		/* name returned for a matching SID */
	char	*auth;		/* full SID (rid == nil) or leading part of the SID */
	char	*rid;		/* last SID component to match, or nil for exact match on auth */
} known[] = {
	/* default local users */
	{ "lu.dialup",			"S-1-5-1",	nil },
	{ "lu.network",			"S-1-5-2",	nil },
	{ "lu.batch",			"S-1-5-3",	nil },
	{ "lu.interactive",		"S-1-5-4",	nil },
	{ "lu.service",			"S-1-5-6",	nil },
	{ "lu.anon",			"S-1-5-7",	nil },
	{ "lu.DC",			"S-1-5-8",	nil },
	{ "lu.enterprise-domain",	"S-1-5-9",	nil },
	{ "lu.self",			"S-1-5-10",	nil },
	{ "lu.authenticated",		"S-1-5-11",	nil },
	{ "lu.restricted",		"S-1-5-12",	nil },
	{ "lu.terminal-services",	"S-1-5-13",	nil },
	{ "lu.remote-desktop",		"S-1-5-14",	nil },
	{ "lu.local-system",		"S-1-5-18",	nil },
	{ "lu.local-service",		"S-1-5-19",	nil },
	{ "lu.network-service",		"S-1-5-20",	nil },
	{ "lu.builtin",			"S-1-5-32",	nil },

	/* default local groups */
	{ "lg.null",			"S-1-0-0",	nil },
	{ "lg.world",			"S-1-1-0",	nil },
	{ "lg.local",			"S-1-2-0",	nil },
	{ "lg.creator-owner",		"S-1-3-0",	nil },
	{ "lg.creator-group",		"S-1-3-1",	nil },
	{ "lg.creator-owner-server",	"S-1-3-2",	nil },
	{ "lg.creator-group-server",	"S-1-3-3",	nil },

	/* default domain users */
	{ "du.admin",			"S-1-5",	"500" },
	{ "du.guest",			"S-1-5",	"501" },
	{ "du.kerberos",		"S-1-5",	"502" },

	/*
	 * default domain groups
	 * NOTE(review): the first two entries use the longer "S-1-5-21"
	 * prefix while the rest use "S-1-5"; confirm that is intended.
	 */
	{ "dg.admins",			"S-1-5-21",	"512" },
	{ "dg.users",			"S-1-5-21",	"513" },
	{ "dg.guests",			"S-1-5",	"514" },
	{ "dg.computers",		"S-1-5",	"515" },
	{ "dg.controllers",		"S-1-5",	"516" },
	{ "dg.cert-admins",		"S-1-5",	"517" },
	{ "dg.schema-admins",		"S-1-5",	"518" },
	{ "dg.enterprise-admins",	"S-1-5",	"519" },
	{ "dg.group-policy-admins",	"S-1-5",	"520" },
	{ "dg.remote-access",		"S-1-5",	"553" },

	/* default domain aliases */
	{ "da.admins",			"S-1-5",	"544" },
	{ "da.users",			"S-1-5",	"545" },
	{ "da.guests",			"S-1-5",	"546" },
	{ "da.power-users",		"S-1-5",	"547" },
	{ "da.account-operators",	"S-1-5",	"548" },
	{ "da.server-operators",	"S-1-5",	"549" },
	{ "da.print-operators",		"S-1-5",	"550" },
	{ "da.backup-operators",	"S-1-5",	"551" },
	{ "da.replicator",		"S-1-5",	"552" },
	/*
	 * NOTE(review): same auth and rid as "dg.remote-access" above, so
	 * the first-match lookup in sid2name() never returns this name.
	 */
	{ "da.RAS-servers",		"S-1-5",	"553" },

};
72
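/*
 * Translate a textual SID ("S-1-5-...") into a short display name.
 *
 * Returns a fresh estrdup9p() copy on every path:
 *   - "-" when sid is nil, contains no '-', or ends in '-';
 *   - the name of the first matching entry in known[];
 *   - otherwise the SID's last component (the RID) as text.
 *
 * The SID string is supplied by the remote server (see upd_names), so
 * the match is deliberately strict: a prefix entry only matches when
 * the prefix ends on a '-' component boundary.  Without that check
 * "S-1-5" would also claim a SID such as "S-1-50-...-500", and a
 * foreign SID would be shown under a well-known name.
 */
static char *
sid2name(char *sid)
{
	int i;
	long alen;
	char *rid;

	if(sid == nil || (rid = strrchr(sid, '-')) == nil || *++rid == 0)
		return estrdup9p("-");

	for(i = 0; i < nelem(known); i++){
		if(known[i].rid == nil){
			/* no RID: auth must be the complete SID */
			if(strcmp(known[i].auth, sid) == 0)
				return estrdup9p(known[i].name);
			continue;
		}

		/*
		 * RID entry: auth must be a whole-component prefix of sid and
		 * the last component must equal the entry's RID.  A successful
		 * strncmp guarantees sid has at least alen characters, so
		 * sid[alen] is either the terminator or the next character.
		 */
		alen = strlen(known[i].auth);
		if(strncmp(known[i].auth, sid, alen) == 0 &&
		    sid[alen] == '-' &&
		    strcmp(known[i].rid, rid) == 0)
			return estrdup9p(known[i].name);
	}

	return estrdup9p(rid);
}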
94
/*
 * Refresh d->uid and d->gid for path from the file's security
 * descriptor on the server.
 *
 * The previous uid/gid strings are freed and replaced with new copies.
 * If the file cannot be opened with READ_CONTROL access both become
 * "unknown"; otherwise each is whatever sid2name() makes of the owner
 * and group SID.
 *
 * The SIDs come from the remote server, so the resulting names are
 * display labels only.
 */
void
upd_names(Session *s, Share *sp, char *path, Dir *d)
{
	int fd, res;
	char *owner, *group;
	FInfo info;

	/* free(nil) is a no-op, so no guards are needed */
	free(d->uid);
	free(d->gid);

	fd = CIFS_NT_opencreate(s, sp, path, 0, 0, 0, READ_CONTROL,
	    FILE_SHARE_ALL, FILE_OPEN, &res, &info);
	if(fd == -1){
		d->uid = estrdup9p("unknown");
		d->gid = estrdup9p("unknown");
		return;
	}

	/*
	 * The return value of TNTquerysecurity is not checked; if it leaves
	 * the SIDs nil, sid2name() turns them into "-".
	 * NOTE(review): if TNTquerysecurity allocates the SID strings they
	 * are never freed here -- confirm ownership against its definition.
	 */
	owner = nil;
	group = nil;
	TNTquerysecurity(s, sp, fd, &owner, &group);
	d->uid = sid2name(owner);
	d->gid = sid2name(group);

	/* fd is known to be valid here: the failure case returned above */
	CIFSclose(s, sp, fd);
}