From 9258eca9d4a23ccaa0caf9b5b01020613b2d3ffa Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Fri, 15 Aug 2008 13:08:47 +0000 Subject: [PATCH] * mkgroup.c (fetch_current_pgrp_sid): New function to fetch primary group SID from user token. (current_group): Move up in file. Move fetching primary group SID to fetch_current_pgrp_sid. (enum_local_groups): Check if current SID is the same as current user's primary group SID. (enum_groups): Ditto. (main): Call fetch_current_pgrp_sid before enumerating groups. Call current_group only if current group hasn't been enumerated already. * mkpasswd.c (fetch_current_user_sid): New function to fetch current user SID from user token. (current_user): Move fetching current user SID to fetch_current_user_sid. (enum_users): Check if current SID is the same as current user's SID. (main): Call fetch_current_user_sid before enumerating users. Call current_user only if current user hasn't been enumerated already. --- winsup/utils/ChangeLog | 19 +++++++++ winsup/utils/mkgroup.c | 94 +++++++++++++++++++++++++---------------- winsup/utils/mkpasswd.c | 56 +++++++++++++++++------- 3 files changed, 117 insertions(+), 52 deletions(-) diff --git a/winsup/utils/ChangeLog b/winsup/utils/ChangeLog index 0850faa66..ee94eec8b 100644 --- a/winsup/utils/ChangeLog +++ b/winsup/utils/ChangeLog @@ -1,3 +1,22 @@ +2008-08-15 Corinna Vinschen + + * mkgroup.c (fetch_current_pgrp_sid): New function to fetch primary + group SID from user token. + (current_group): Move up in file. Move fetching primary group SID to + fetch_current_pgrp_sid. + (enum_local_groups): Check if current SID is the same as current user's + primary group SID. + (enum_groups): Ditto. + (main): Call fetch_current_pgrp_sid before enumerating groups. Call + current_group only if current group hasn't been enumerated already. + * mkpasswd.c (fetch_current_user_sid): New function to fetch current + user SID from user token. + (current_user): Move fetching current user SID to + fetch_current_user_sid. + (enum_users): Check if current SID is the same as current user's SID. + (main): Call fetch_current_user_sid before enumerating users. Call + current_user only if current user hasn't been enumerated already. + 2008-08-13 Corinna Vinschen * mount.cc (NT_MAX_PATH): Define. diff --git a/winsup/utils/mkgroup.c b/winsup/utils/mkgroup.c index ea9af72f5..366e02cca 100644 --- a/winsup/utils/mkgroup.c +++ b/winsup/utils/mkgroup.c @@ -153,6 +153,57 @@ typedef struct { DBGSID builtin_sid_list[MAX_BUILTIN_SIDS]; DWORD builtin_sid_cnt; +typedef struct { + PSID psid; + int buffer[10]; +} sidbuf; + +sidbuf curr_pgrp; +BOOL got_curr_pgrp = FALSE; + +void +fetch_current_pgrp_sid () +{ + DWORD len; + HANDLE ptok; + + if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok) + || !GetTokenInformation (ptok, TokenPrimaryGroup, &curr_pgrp, + sizeof curr_pgrp, &len) + || !CloseHandle (ptok)) + { + print_win_error (GetLastError ()); + return; + } +} + +void +current_group (const char *sep, DWORD id_offset) +{ + WCHAR grp[GNLEN + 1]; + WCHAR dom[MAX_DOMAIN_NAME_LEN + 1]; + DWORD glen = GNLEN + 1; + DWORD dlen = MAX_DOMAIN_NAME_LEN + 1; + int gid; + SID_NAME_USE acc_type; + + if (!curr_pgrp.psid + || !LookupAccountSidW (NULL, curr_pgrp.psid, grp, &glen, dom, &dlen, + &acc_type)) + { + print_win_error (GetLastError ()); + return; + } + gid = *GetSidSubAuthority (curr_pgrp.psid, + *GetSidSubAuthorityCount(curr_pgrp.psid) - 1); + printf ("%ls%s%ls:%s:%lu:\n", + sep ? dom : L"", + sep ?: "", + grp, + put_sid (curr_pgrp.psid), + id_offset + gid); +} + void enum_unix_groups (domlist_t *dom_or_machine, const char *sep, DWORD id_offset, char *unix_grp_list) @@ -380,9 +431,9 @@ enum_local_groups (BOOL domain, domlist_t *dom_or_machine, const char *sep, CopySid (sizeof (DBGSID), &builtin_sid_list[builtin_sid_cnt++], psid); } - + if (EqualSid (curr_pgrp.psid, psid)) + got_curr_pgrp = TRUE; gid = *GetSidSubAuthority (psid, *GetSidSubAuthorityCount(psid) - 1); - printf ("%ls%s%ls:%s:%ld:\n", with_dom && !is_builtin ? domain_name : L"", with_dom && !is_builtin ? sep : "", @@ -503,6 +554,8 @@ enum_groups (BOOL domain, domlist_t *dom_or_machine, const char *sep, continue; } } + if (EqualSid (curr_pgrp.psid, psid)) + got_curr_pgrp = TRUE; printf ("%ls%s%ls:%s:%lu:\n", with_dom ? domain_name : L"", with_dom ? sep : "", @@ -557,39 +610,6 @@ print_special (PSID_IDENTIFIER_AUTHORITY auth, BYTE cnt, } } -void -current_group (const char *sep, DWORD id_offset) -{ - DWORD len; - HANDLE ptok; - struct { - PSID psid; - char buffer[MAX_SID_LEN]; - } tg; - WCHAR grp[GNLEN + 1]; - WCHAR dom[MAX_DOMAIN_NAME_LEN + 1]; - DWORD glen = GNLEN + 1; - DWORD dlen = MAX_DOMAIN_NAME_LEN + 1; - int gid; - SID_NAME_USE acc_type; - - if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok) - || !GetTokenInformation (ptok, TokenPrimaryGroup, &tg, sizeof tg, &len) - || !CloseHandle (ptok) - || !LookupAccountSidW (NULL, tg.psid, grp, &glen, dom, &dlen, &acc_type)) - { - print_win_error (GetLastError ()); - return; - } - gid = *GetSidSubAuthority (tg.psid, *GetSidSubAuthorityCount(tg.psid) - 1); - printf ("%ls%s%ls:%s:%lu:\n", - sep ? dom : L"", - sep ?: "", - grp, - put_sid (tg.psid), - id_offset + gid); -} - int usage (FILE * stream) { @@ -838,6 +858,8 @@ skip: print_special (&sid_nt_auth, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0); + fetch_current_pgrp_sid (); + off = id_offset; for (i = 0; i < print_domlist; ++i) { @@ -856,7 +878,7 @@ skip: } } - if (print_current) + if (print_current && !got_curr_pgrp) current_group (sep_char, off); return 0; diff --git a/winsup/utils/mkpasswd.c b/winsup/utils/mkpasswd.c index 546ba24cc..14c5eb095 100644 --- a/winsup/utils/mkpasswd.c +++ b/winsup/utils/mkpasswd.c @@ -175,16 +175,37 @@ uni2ansi (LPWSTR wcs, char *mbs, int size) *mbs = '\0'; } +typedef struct { + PSID psid; + int buffer[10]; +} sidbuf; + +sidbuf curr_user; +sidbuf curr_pgrp; +BOOL got_curr_user = FALSE; + +void +fetch_current_user_sid () +{ + DWORD len; + HANDLE ptok; + + if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok) + || !GetTokenInformation (ptok, TokenUser, &curr_user, sizeof curr_user, + &len) + || !GetTokenInformation (ptok, TokenPrimaryGroup, &curr_pgrp, + sizeof curr_pgrp, &len) + || !CloseHandle (ptok)) + { + print_win_error (GetLastError ()); + return; + } +} + void current_user (int print_cygpath, const char *sep, const char *passed_home_path, DWORD id_offset, const char *disp_username) { - DWORD len; - HANDLE ptok; - struct { - PSID psid; - int buffer[10]; - } tu, tg; WCHAR user[UNLEN + 1]; WCHAR dom[MAX_DOMAIN_NAME_LEN + 1]; DWORD ulen = UNLEN + 1; @@ -193,18 +214,18 @@ current_user (int print_cygpath, const char *sep, const char *passed_home_path, int uid, gid; char homedir_psx[PATH_MAX] = {0}, homedir_w32[MAX_PATH] = {0}; - if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok) - || !GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, &len) - || !GetTokenInformation (ptok, TokenPrimaryGroup, &tg, sizeof tg, &len) - || !CloseHandle (ptok) - || !LookupAccountSidW (NULL, tu.psid, user, &ulen, dom, &dlen, &acc_type)) + if (!curr_user.psid || !curr_pgrp.psid + || !LookupAccountSidW (NULL, curr_user.psid, user, &ulen, dom, &dlen, + &acc_type)) { print_win_error (GetLastError ()); return; } - uid = *GetSidSubAuthority (tu.psid, *GetSidSubAuthorityCount(tu.psid) - 1); - gid = *GetSidSubAuthority (tg.psid, *GetSidSubAuthorityCount(tg.psid) - 1); + uid = *GetSidSubAuthority (curr_user.psid, + *GetSidSubAuthorityCount(curr_user.psid) - 1); + gid = *GetSidSubAuthority (curr_pgrp.psid, + *GetSidSubAuthorityCount(curr_pgrp.psid) - 1); if (passed_home_path[0] == '\0') { char *envhome = getenv ("HOME"); @@ -254,7 +275,7 @@ current_user (int print_cygpath, const char *sep, const char *passed_home_path, id_offset + gid, dom, user, - put_sid (tu.psid), + put_sid (curr_user.psid), homedir_psx); } @@ -487,7 +508,8 @@ enum_users (BOOL domain, domlist_t *dom_or_machine, const char *sep, continue; } } - + if (EqualSid (curr_user.psid, psid)) + got_curr_user = TRUE; printf ("%ls%s%ls:unused:%lu:%lu:%ls%sU-%ls\\%ls,%s:%s:/bin/bash\n", with_dom ? domain_name : L"", with_dom ? sep : "", @@ -824,6 +846,8 @@ skip: return 1; } + fetch_current_user_sid (); + off = id_offset; for (i = 0; i < print_domlist; ++i) { @@ -840,7 +864,7 @@ skip: off += id_offset; } - if (print_current) + if (print_current && !got_curr_user) current_user (print_cygpath, sep_char, passed_home_path, off, disp_username);