|
|
//#pragma title( "SDResolve.cpp - SDResolve: A Domain Migration Utility" )
/*
Copyright (c) 1995-1998, Mission Critical Software, Inc. All rights reserved.===============================================================================Module - sdresolve.cppSystem - SDResolveAuthor - Christy BolesCreated - 97/07/11Description - Routines to iterate through files, shares, and printers when processing security on a machine. Updates -===============================================================================*/
#include "stdafx.h"
#include <stdlib.h>
#include <stdio.h>
#include <iostream.h>
#include <fstream.h>
#include <assert.h>
#include "Common.hpp"
#include "ErrDct.hpp"
#include "UString.hpp"
#include "sd.hpp"
#include "sidcache.hpp"
#include "enumvols.hpp"
#include "SecObj.hpp"
#include "ealen.hpp"
#include "BkupRstr.hpp"
#include "TxtSid.h"
#include "array.h"
// this makes sure the funciton name IteratePathUnderlying is not mangled by C++
extern "C" {#include "sdresolv_stkoflw.h"
}
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;#endif
bool enforce;extern TErrorDct err;extern bool silent;extern bool IsMachineName(const LPWSTR name);extern bool IsShareName(const LPWSTR name);extern bool ContainsWildcard( WCHAR const * name);
struct SSeException{ SSeException(UINT uCode) : uCode(uCode) { }
UINT uCode;};
void SeTranslator(unsigned int u, EXCEPTION_POINTERS* pepExceptions){ throw SSeException(u);}
#define MAX_BUFFER_LENGTH 10000
#define PRINT_BUFFER_SIZE 2000
//******************************************************************************************************
// Main routine for SDResolve
// Iterates files and directories to be resolved
void IteratePath( WCHAR * path, // in -path to start iterating from
SecurityTranslatorArgs * args, // in -translation settings
TSDResolveStats * stats, // in -stats (to display pathnames & pass to ResolveSD)
TSecurableObject * LC, // in -last container
TSecurableObject * LL, // in -last file
bool haswc // in -indicates whether path contains a wc character
){ _se_translator_function pfnSeTranslatorOld = _set_se_translator((_se_translator_function)SeTranslator);
try { IteratePathUnderlying(path,(void*)args,(void*)stats,(void*)LC,(void*)LL,haswc ? TRUE : FALSE); } catch (SSeException sse) { _set_se_translator(pfnSeTranslatorOld); _com_issue_error(HRESULT_FROM_WIN32(sse.uCode)); } catch (...) { _set_se_translator(pfnSeTranslatorOld); throw; }
_set_se_translator(pfnSeTranslatorOld);}
#define safecopy_wc_array(trg,src) ((src) ? UStrCpy((WCHAR*)trg,src,trg.size()) : *((WCHAR*)trg) = 0)
void IteratePathUnderlying( WCHAR * path, // in -path to start iterating from
void * argsC, // in -translation settings
void * statsC, // in -stats (to display pathnames & pass to ResolveSD)
void * LCC, // in -last container
void * LLC, // in -last file
BOOL haswc // in -indicates whether path contains a wc character
){ SecurityTranslatorArgs *args = (SecurityTranslatorArgs *) argsC; TSDResolveStats *stats = (TSDResolveStats *) statsC; TSecurableObject *LC = (TSecurableObject*) LCC; TSecurableObject *LL = (TSecurableObject*) LLC; HANDLE hFind; WIN32_FIND_DATA findEntry; BOOL b; TFileSD * currSD; bool changeLastCont; bool changeLastLeaf; WCHAR * appendPath = NULL; c_array<WCHAR> safepath(LEN_Path + 10); TFileSD * LastContain = (TFileSD*) LC; TFileSD * LastLeaf = (TFileSD*) LL; c_array<WCHAR> localPath(LEN_Path); // this is the first (for this) dir
safecopy_wc_array(safepath,path); safecopy_wc_array(localPath,path); // Check to see if path is longer than MAX_PATH
// if so, add \\?\ to the beginning of it to
// turn off path parsing
if ( UStrLen(path) >= MAX_PATH && path[2] != L'?' ) { WCHAR temp[LEN_Path];
if ( (path[0] == L'\\') && (path[1] == L'\\') ) // UNC name
{ UStrCpy(temp,L"\\\\?\\UNC\\"); } else { UStrCpy(temp,L"\\\\?\\"); } UStrCpy(temp + UStrLen(temp),path); safecopy_wc_array(localPath,temp); } appendPath = (WCHAR*)localPath + UStrLen((WCHAR*)localPath);
if ( *(appendPath-1) == L'\\' ) // if there's already a backslash on the end of the path, don't add another one
appendPath--; if ( ! haswc ) UStrCpy(appendPath, "\\*.*"); if ( args->LogVerbose() ) err.DbgMsgWrite(0,L"Starting IteratePath: %ls",path); for ( b = ((hFind = FindFirstFile((WCHAR*)localPath, &findEntry)) != INVALID_HANDLE_VALUE) ; b ; b = FindNextFile(hFind, &findEntry) ) { if ( ! haswc) appendPath[1] = '\0'; // restore path -- remove \*.* append
if ( ! UStrCmp((LPWSTR)findEntry.cFileName,L".") || ! UStrCmp((LPWSTR)findEntry.cFileName,L"..") ) continue; // ignore names '.' and '..'
if ( ! haswc ) UStrCpy(appendPath+1, findEntry.cFileName); else { for ( WCHAR * ch = appendPath-1; ch >= path && *ch != L'\\' ; ch-- ) ; UStrCpy(ch+1,findEntry.cFileName); } if ( ((TAccountCache *)args->Cache())->IsCancelled() ) { break; } currSD = new TFileSD(localPath, (findEntry.dwFileAttributes & FILE_ATTRIBUTE_SYSTEM) != 0); stats->DisplayPath(localPath); if ( !currSD || !currSD->HasSecurity() ) { //err.MsgWrite(0,"Error: Couldn't get the SD");
} else { if ( findEntry.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) // if dir
{ // resolve this container & iterate next container
changeLastCont = currSD->ResolveSD(args,stats,directory,LastContain); if ( changeLastCont ) { if ( LastContain && LastContain != LC ) { delete LastContain; } LastContain = currSD; } else { delete currSD; } try { BOOL bLogError; UINT status = IteratePathUnderlyingNoObjUnwinding(localPath,(void*)args,(void*)stats,(void*)LastContain,(void*)LastLeaf,FALSE,&bLogError); if (bLogError) err.SysMsgWrite(ErrE, HRESULT_FROM_WIN32(STATUS_STACK_OVERFLOW), DCT_MSG_CANNOT_TRANSLATE_DIRECTORY_SD, (WCHAR*)localPath, HRESULT_FROM_WIN32(STATUS_STACK_OVERFLOW)); if (status != 0) _com_issue_error(HRESULT_FROM_WIN32(status)); } catch (SSeException sse) { err.SysMsgWrite(ErrE, HRESULT_FROM_WIN32(sse.uCode), DCT_MSG_CANNOT_TRANSLATE_DIRECTORY_SD, (WCHAR*)localPath, HRESULT_FROM_WIN32(sse.uCode)); _com_issue_error(HRESULT_FROM_WIN32(sse.uCode)); } } else { // iterate this file with last
changeLastLeaf = currSD->ResolveSD(args,stats,file,LastLeaf); if ( changeLastLeaf ) { if ( LastLeaf && LastLeaf != LL ) { delete LastLeaf; } LastLeaf = currSD; } else { delete currSD; } } } } if ( LastContain && LastContain != LC ) { delete LastContain; } if ( LastLeaf && LastLeaf != LL ) { delete LastLeaf; } appendPath[0] = '\0'; DWORD rc = GetLastError();
if ( args->LogVerbose() ) err.DbgMsgWrite(0,L"Closing IteratePath %S",(WCHAR*)safepath); FindClose(hFind); switch ( rc ) { case ERROR_NO_MORE_FILES: case 0: break; default: err.SysMsgWrite(ErrE, rc, DCT_MSG_FIND_FILE_FAILED_SD, path, rc); }}
DWORD ResolvePrinter( PRINTER_INFO_4 * pPrinter, // in - printer information
SecurityTranslatorArgs * args, // in - translation settings
TSDResolveStats * stats // in - stats
){ DWORD rc = 0;// DWORD needed = 0;
TPrintSD sd(pPrinter->pPrinterName);
if ( sd.GetSecurity() ) { sd.ResolveSD(args,stats,printer,NULL); }
return rc;}
int ServerResolvePrinters( WCHAR const * server, // in -translate the printers on this server
SecurityTranslatorArgs * args, // in -translation settings
TSDResolveStats * stats // in -stats
){ DWORD rc = 0; PRINTER_INFO_4 * pInfo = NULL; BYTE * buffer = new BYTE[PRINT_BUFFER_SIZE]; DWORD cbNeeded = PRINT_BUFFER_SIZE; DWORD nReturned = 0;
if (!buffer) { rc = ERROR_NOT_ENOUGH_MEMORY; }
if (!rc && !EnumPrinters(PRINTER_ENUM_LOCAL,NULL,4,buffer,PRINT_BUFFER_SIZE,&cbNeeded,&nReturned) ) { rc = GetLastError(); if ( rc == ERROR_INSUFFICIENT_BUFFER ) { // try again with a bigger buffer size
delete [] buffer; buffer = NULL;
buffer = new BYTE[cbNeeded]; if (!buffer) { rc = ERROR_NOT_ENOUGH_MEMORY; } else if (! EnumPrinters(PRINTER_ENUM_LOCAL,NULL,4,buffer,cbNeeded,&cbNeeded,&nReturned) ) { rc = GetLastError(); } else rc = ERROR_SUCCESS; } }
if ( ! rc ) { pInfo = (PRINTER_INFO_4 *)buffer; for ( DWORD i = 0 ; i < nReturned && !args->Cache()->IsCancelled(); i++ ) { ResolvePrinter(&(pInfo[i]),args,stats); } } else { err.SysMsgWrite(ErrE,rc,DCT_MSG_ERROR_ENUMERATING_LOCAL_PRINTERS_D,rc); }
if (args->Cache()->IsCancelled()) err.MsgWrite(0, DCT_MSG_OPERATION_ABORTED_PRINTERS);
delete [] buffer;
return rc;}int ServerResolveShares( WCHAR const * server, // in -enumerate and translate the shares on this server
SecurityTranslatorArgs * args, // in -translation settings
TSDResolveStats * stats // in -stats (to display pathnames & pass to ResolveSD)
){ DWORD rc = 0; DWORD numRead = 0; DWORD totalEntries = 0; DWORD resumeHandle = 0; SHARE_INFO_0 * bufPtr = NULL; WCHAR serverName[LEN_Computer]; WCHAR fullPath[LEN_Path]; WCHAR * pServerName = serverName; DWORD ttlRead = 0;
if (!args->Cache()->IsCancelled()) { if ( server ) { safecopy(serverName,server); } else { pServerName = NULL;
}
do { if (args->Cache()->IsCancelled()) break; rc = NetShareEnum(pServerName,0,(LPBYTE *)&bufPtr,MAX_BUFFER_LENGTH,&numRead,&totalEntries,&resumeHandle); if ( ! rc || rc == ERROR_MORE_DATA ) { for ( UINT i = 0 ; i < numRead ; i++ ) { // Process the SD
if ( pServerName ) { swprintf(fullPath,L"%s\\%s",pServerName,bufPtr[i].shi0_netname); } else { swprintf(fullPath,L"%s",bufPtr[i].shi0_netname); }
TShareSD tSD(fullPath);
if ( tSD.HasSecurity() ) { stats->DisplayPath(fullPath,TRUE); tSD.ResolveSD(args,stats,share,NULL); } } ttlRead += numRead; resumeHandle = ttlRead; NetApiBufferFree(bufPtr); } } while ( rc == ERROR_MORE_DATA && numRead < totalEntries);
if ( rc && rc != ERROR_MORE_DATA ) err.SysMsgWrite(ErrE,rc,DCT_MSG_SHARE_ENUM_FAILED_SD,server,rc); }
if (args->Cache()->IsCancelled()) err.MsgWrite(0, DCT_MSG_OPERATION_ABORTED_SHARES); return rc;}
void ResolveFilePath( SecurityTranslatorArgs * args, // in - translation options
TSDResolveStats * Stats, // in - class to display stats
WCHAR * path, // in - path name
bool validAlone, // in - whether this object exists (false for share names and volume roots)
bool containsWC, // in - true if path contains wildcard
bool iscontainer // in - whether the starting path is a container
){ TFileSD * pSD; if ( args->LogVerbose() ) err.MsgWrite(0,DCT_MSG_PROCESSING_S,path); Stats->DisplayPath(path); if ( validAlone && ! containsWC ) { pSD = new TFileSD(path); if (!pSD) return; if ( pSD->HasSecurity() ) pSD->ResolveSD(args, Stats, iscontainer?directory:file, NULL); delete pSD; } if ( iscontainer || containsWC ) { IteratePath(path, args, Stats, NULL, NULL, containsWC); }
if (args->Cache()->IsCancelled()) err.MsgWrite(0, DCT_MSG_OPERATION_ABORTED_FILES); }
void WriteOptions(SecurityTranslatorArgs * args){//* WCHAR cmd[1000] = L"SecurityTranslation ";;
WCHAR cmd[1000]; WCHAR arg[300];
UStrCpy(cmd, GET_STRING(IDS_STOptions_Start)); if ( args->NoChange() ) {//* UStrCpy(cmd +UStrLen(cmd), L"WriteChanges:No ");
UStrCpy(cmd +UStrLen(cmd), GET_STRING(IDS_STOptions_WriteChng)); } if ( args->TranslateFiles() ) {//* UStrCpy(cmd +UStrLen(cmd), L"Files:Yes ");
UStrCpy(cmd +UStrLen(cmd), GET_STRING(IDS_STOptions_Files)); } if ( args->TranslateShares() ) {//* UStrCpy(cmd + UStrLen(cmd),L"Shares:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_Shares)); } if ( args->TranslateLocalGroups() ) {//* UStrCpy(cmd + UStrLen(cmd),L"LGroups:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_LocalGroup)); } if ( args->TranslateUserRights() ) {// UStrCpy(cmd + UStrLen(cmd),L"UserRights:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_URights)); } if ( args->TranslatePrinters() ) {// UStrCpy(cmd + UStrLen(cmd),L"UserRights:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_Printers)); } if ( args->TranslateUserProfiles() ) {//* UStrCpy(cmd + UStrLen(cmd),L"Profiles:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_Profiles)); } if ( args->TranslateRecycler() ) {//* UStrCpy(cmd + UStrLen(cmd),L"RecycleBin:Yes ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_RBin)); } if ( *args->LogFile() ) {//* wsprintf(arg,L"LogFile:%S ",args->LogFile());
wsprintf(arg,GET_STRING(IDS_STOptions_LogName),args->LogFile()); UStrCpy(cmd +UStrLen(cmd), arg); } if ( args->TranslationMode() == ADD_SECURITY ) {//* UStrCpy(cmd +UStrLen(cmd), L"TranslationMode:Add ");
UStrCpy(cmd +UStrLen(cmd), GET_STRING(IDS_STOptions_AddMode)); } else if ( args->TranslationMode() == REMOVE_SECURITY ) {//* UStrCpy(cmd +UStrLen(cmd), L"TranslationMode:Remove ");
UStrCpy(cmd +UStrLen(cmd), GET_STRING(IDS_STOptions_RemoveMode)); } else {//* UStrCpy(cmd + UStrLen(cmd),L"TranslationMode:Replace ");
UStrCpy(cmd + UStrLen(cmd),GET_STRING(IDS_STOptions_ReplaceMode)); } wsprintf(arg,L"%s %s ",args->Source(), args->Target()); UStrCpy(cmd +UStrLen(cmd), arg);
err.MsgWrite(0,DCT_MSG_GENERIC_S,&*cmd);}
void TranslateRecycler( SecurityTranslatorArgs * args, // in - translation options
TSDResolveStats * Stats, // in - class to display stats
WCHAR * path // in - drive name
){ err.MsgWrite(0,DCT_MSG_PROCESSING_RECYCLER_S,path); WCHAR folder[LEN_Path]; WCHAR const * recycler = L"RECYCLER"; WCHAR strSid[200]; WCHAR srcPath[LEN_Path]; WCHAR tgtPath[LEN_Path]; DWORD lenStrSid = DIM(strSid); _wfinddata_t fData;// long hRecycler;
LONG_PTR hRecycler; PSID pSidSrc = NULL, pSidTgt = NULL; TRidNode * pNode; DWORD rc = 0; BOOL bUseMapFile = args->UsingMapFile();
swprintf(folder,L"%s\\%s\\*",path,recycler);
long mode = args->TranslationMode();
// Windows 2000 checks the SD for the recycle bin when the recycle bin is opened. If the SD does not match the
// default template (permissions for user, admin, and system), Windows displays a message that the recycle bin is corrupt.
// This change may also be in NT 4 SP 7. To avoid causing this corrupt recycle bin message, we will always translate the
// recycle bins in replace mode. We will not change if we are doing a remove.
if (args->TranslationMode() != REMOVE_SECURITY) args->SetTranslationMode(REPLACE_SECURITY); // use _wfind to look for hidden files in the folder
for ( hRecycler = _wfindfirst(folder,&fData) ; hRecycler != -1 && ( rc == 0 ); rc = (DWORD)_wfindnext(hRecycler,&fData) ) { pSidSrc = SidFromString(fData.name); if ( pSidSrc ) { err.MsgWrite(0,DCT_MSG_PROCESSING_RECYCLE_FOLDER_S,fData.name); if (!bUseMapFile) pNode = (TRidNode*)args->Cache()->Lookup(pSidSrc); else pNode = (TRidNode*)args->Cache()->LookupWODomain(pSidSrc); if ( pNode && pNode != (TRidNode*)-1 ) { if (!bUseMapFile) pSidTgt = args->Cache()->GetTgtSid(pNode); else pSidTgt = args->Cache()->GetTgtSidWODomain(pNode); // get the target directory name
GetTextualSid(pSidTgt,strSid,&lenStrSid); if ( args->LogVerbose() ) err.DbgMsgWrite(0,L"Target sid is: %ls",strSid); if ( ! args->NoChange() && args->TranslationMode() != REMOVE_SECURITY ) { // rename the directory
swprintf(srcPath,L"%s\\%s\\%s",path,recycler,fData.name); swprintf(tgtPath,L"%s\\%s\\%s",path,recycler,strSid); if ( ! MoveFile(srcPath,tgtPath) ) { rc = GetLastError(); if ( (rc == ERROR_ALREADY_EXISTS) && (args->TranslationMode() == REPLACE_SECURITY) ) { // the target recycle bin already exists
// attempt to rename it with a suffix, so we can rename the new bin to the SID
WCHAR tmpPath[LEN_Path]; long ndx = 0;
do { swprintf(tmpPath,L"%ls%ls%ld",tgtPath,GET_STRING(IDS_RenamedRecyclerSuffix),ndx); if (! MoveFile(tgtPath,tmpPath) ) { rc = GetLastError(); ndx++; } else { rc = 0; err.MsgWrite(0,DCT_MSG_RECYCLER_RENAMED_SS,tgtPath,tmpPath); } } while ( rc == ERROR_ALREADY_EXISTS ); if ( ! rc ) { // we have moved the pre-existing target recycler out of the way
// now retry the rename
if (! MoveFile(srcPath,tgtPath) ) { err.SysMsgWrite(ErrE,rc,DCT_MSG_RECYCLER_RENAME_FAILED_SD,pNode->GetAcctName(),rc); } else { err.MsgWrite(0,DCT_MSG_RECYCLER_RENAMED_SS,srcPath,tgtPath); // run security translation on the new folder
ResolveFilePath(args,Stats,tgtPath,TRUE,FALSE,TRUE); } } else { err.SysMsgWrite(ErrE,rc,DCT_MSG_RECYCLER_RENAME_FAILED_SD,pNode->GetAcctName(),rc); } } else { err.SysMsgWrite(ErrE,rc,DCT_MSG_RECYCLER_RENAME_FAILED_SD,pNode->GetAcctName(),rc); } } else { err.MsgWrite(0,DCT_MSG_RECYCLER_RENAMED_SS,srcPath,tgtPath); // run security translation on the new folder
ResolveFilePath(args,Stats,tgtPath,TRUE,FALSE,TRUE); }
} free(pSidTgt); } FreeSid(pSidSrc); } } // set the translation mode back to its original value
args->SetTranslationMode(mode);}
// if the specified node is a normal share, this attempts to convert it to a path
// using the administrative shares
void BuildAdminPathForShare( TPathNode * tnode, WCHAR * adminShare ){ // if all else fails, return the same name as specified in the node
UStrCpy(adminShare,tnode->GetPathName());
SHARE_INFO_502 * shInfo = NULL; DWORD rc = 0; WCHAR shareName[LEN_Path]; WCHAR * slash = NULL;
UStrCpy(shareName,tnode->GetPathName() + UStrLen(tnode->GetServerName()) +1); slash = wcschr(shareName,L'\\'); if ( slash ) *slash = 0;
rc = NetShareGetInfo(tnode->GetServerName(),shareName,502,(LPBYTE*)&shInfo); if ( ! rc ) { if ( *shInfo->shi502_path ) { // build the administrative path name for the share
UStrCpy(adminShare,tnode->GetServerName()); UStrCpy(adminShare + UStrLen(adminShare),L"\\"); UStrCpy(adminShare + UStrLen(adminShare),shInfo->shi502_path); WCHAR * colon = wcschr(adminShare,L':'); if ( colon ) { *colon = L'$'; UStrCpy(adminShare + UStrLen(adminShare),L"\\"); UStrCpy(adminShare + UStrLen(adminShare),slash+1);
} else { // something went wrong -- revert to the given path
UStrCpy(adminShare,tnode->GetPathName()); }
} NetApiBufferFree(shInfo); }}
// Main routine for resolving file and directory SD's.
int ResolveAll( SecurityTranslatorArgs * args, // in- translation settings
TSDResolveStats * Stats // in- counts of examined, changed objects, etc.
){ WCHAR * warg; WCHAR * machine; UINT errmode; int retcode = 0; TPathNode * tnode; errmode = SetErrorMode(SEM_FAILCRITICALERRORS); if ( ! retcode ) { WriteOptions(args); Stats->InitDisplay(args->NoChange());
err.MsgWrite(0,DCT_MSG_FST_STARTING); // Process Files and Directories
if (! args->IsLocalSystem() ) { TNodeListEnum tenum; for (tnode = (TPathNode *)tenum.OpenFirst((TNodeList *)args->PathList()) ; tnode && !args->Cache()->IsCancelled(); tnode = (TPathNode *)tenum.Next() ) { DWORD rc; BOOL needToGetBR = FALSE;// BOOL abort = FALSE;
// BOOL firstTime = TRUE;
warg = tnode->GetPathName(); machine = GetMachineName(warg); needToGetBR = ( args->TranslateFiles() );
if ( *tnode->GetServerName() && ! args->IsLocalSystem() ) { warg = tnode->GetPathName(); err.MsgWrite(0,DCT_MSG_PROCESSING_S,warg); if ( args->TranslateFiles() && !args->Cache()->IsCancelled()) { if ( needToGetBR ) { //get needed privileges and keep them until the agent removes itself
GetBkupRstrPriv(tnode->GetServerName()); } if ( IsMachineName(warg) ) { // need to process each drive on this machine
TVolumeEnum vEnum; rc = vEnum.Open(warg,VERIFY_PERSISTENT_ACLS,args->LogVerbose()); if ( rc ) { err.SysMsgWrite(ErrE,rc,DCT_MSG_ERROR_ACCESSING_DRIVES_SD,warg,rc); } else { while ( (warg = vEnum.Next()) && !args->Cache()->IsCancelled()) {
ResolveFilePath(args, Stats, warg, false, // not valid alone
false, // no wildcard
true ); // container
} warg = machine; } vEnum.Close(); } else { WCHAR adminShare[LEN_Path]; // Verify that the volume is NTFS
rc = tnode->VerifyPersistentAcls(); switch ( rc ) { case ERROR_SUCCESS: // Process the path
// if it's a share name, process the root of the share
if( IsShareName(tnode->GetPathName()) ) { WCHAR sharePath[LEN_Path]; swprintf(sharePath,L"%s\\.",tnode->GetPathName()); TFileSD sd(sharePath); if ( sd.HasSecurity() ) { sd.ResolveSD(args, Stats, directory, NULL); } } // if this is a normal share, convert it to an administrative share
// path, so that we can take advantage of backup/restore privileges
BuildAdminPathForShare(tnode,adminShare); ResolveFilePath(args, Stats, adminShare, !IsShareName(tnode->GetPathName()), ContainsWildcard(tnode->GetPathName()), tnode->IsContainer() || IsShareName(tnode->GetPathName())); break; case ERROR_NO_SECURITY_ON_OBJECT: err.MsgWrite(ErrW,DCT_MSG_SKIPPING_FAT_VOLUME_S,warg); break; default: err.SysMsgWrite(ErrE,rc,DCT_MSG_SKIPPING_PATH_SD,warg,rc ); break; } } } // Process the shares for this machine
if ( args->TranslateShares() && !args->Cache()->IsCancelled()) { if ( IsMachineName(warg) ) { err.MsgWrite(0,DCT_MSG_PROCESSING_SHARES_S,tnode->GetServerName()); ServerResolveShares(tnode->GetServerName(),args,Stats); } else if ( IsShareName(warg) ) { TShareSD sd(warg); if ( sd.HasSecurity() ) { if ( args->LogVerbose() ) { err.MsgWrite(0,DCT_MSG_PROCESSING_SHARE_S,warg); } sd.ResolveSD(args, Stats, share, NULL); } } } } else { // this is a local path
// Verify that the volume is NTFS
DWORD rc2; //get needed privileges and keep them until the agent removes itself
GetBkupRstrPriv((WCHAR*)NULL); rc2 = tnode->VerifyPersistentAcls(); switch ( rc2 ) { case ERROR_SUCCESS: // Process the path
if ( args->TranslateFiles() ) { ResolveFilePath(args, Stats, tnode->GetPathName(), true, // isValidAlone
ContainsWildcard(tnode->GetPathName()), tnode->IsContainer() ); } break; case ERROR_NO_SECURITY_ON_OBJECT: err.MsgWrite(ErrW,DCT_MSG_SKIPPING_FAT_VOLUME_S,warg); break; default: err.SysMsgWrite(ErrE,rc2,DCT_MSG_SKIPPING_PATH_SD,warg,rc2 ); break; } } if ( machine ) { delete machine; machine = NULL; } } tenum.Close(); } else { // Translate the entire machine
err.MsgWrite(0,DCT_MSG_LOCAL_TRANSLATION); if ((args->TranslateFiles() || args->TranslateRecycler()) && !args->Cache()->IsCancelled() ) { //get needed privileges and keep them until the agent removes itself
GetBkupRstrPriv((WCHAR const*)NULL); // need to process each drive on this machine
TVolumeEnum vEnum;
vEnum.SetLocalMode(TRUE);
DWORD rc2 = vEnum.Open(NULL,VERIFY_PERSISTENT_ACLS,args->LogVerbose()); if ( rc2 ) { err.SysMsgWrite(ErrE,rc2,DCT_MSG_ERROR_ACCESSING_LOCAL_DRIVES_D,rc2); } else { while ( (warg = vEnum.Next()) && !args->Cache()->IsCancelled()) { err.MsgWrite(0,DCT_MSG_PROCESSING_S,warg); if ( args->TranslateFiles() ) { ResolveFilePath(args, Stats, warg, false, // not valid alone
false, // no wildcard
true ); // container
} if ( args->TranslateRecycler() ) { TranslateRecycler(args,Stats,warg); } } warg = NULL; } vEnum.Close(); } if ( args->TranslateShares() && !args->Cache()->IsCancelled()) { err.MsgWrite(0,DCT_MSG_PROCESSING_LOCAL_SHARES,NULL); ServerResolveShares(NULL,args,Stats); } if ( args->TranslatePrinters() && !args->Cache()->IsCancelled()) { // for printer security translation, we also need to turn on the privilege
if (GetBkupRstrPriv(NULL, TRUE) == FALSE) err.MsgWrite(ErrE, DCT_MSG_UNABLE_TO_OBTAIN_BACKUP_RESTORE_PRIVILEGES, GetLastError()); err.MsgWrite(0,DCT_MSG_PROCESSING_LOCAL_PRINTERS,NULL); ServerResolvePrinters(NULL,args,Stats); // turn off the privilege
if (GetBkupRstrPriv(NULL, FALSE) == FALSE) err.MsgWrite(ErrW, DCT_MSG_UNABLE_TO_RELEASE_BACKUP_RESTORE_PRIVILEGES, GetLastError()); } } Stats->DisplayPath(L""); } // end if ( ! retcode)
SetErrorMode(errmode); return retcode;}
|
