Hi,
I have coded a patch for a more explicit Windows attribs output.
Example output:
ich@ThinkPad-T500:~$ ntfs-3g.secaudit Dokumente
secaudit 1.4.3 : NTFS security data auditing
Directory Dokumente
Windows attribs : 0x11 - R___D___________
** Could not find the user mapping file
Retry with full path of file
Windows owner S-1-5-21-2466938724-721355277-839723094-1003
Windows group S-1-5-21-2466938724-721355277-839723094-513
Interpreted Unix owner 0, group 0, mode 0700
** 1 error was found
Hopefully you enjoy it,
-Ulf
# HG changeset patch
# User Ulf Zibis
# Date 1454150181 -3600
# Sat Jan 30 11:36:21 2016 +0100
# Node ID ed7ceb429c5a649a915f16b64353b9ee75eac878
# Parent 08179df8a3fb0196d92100f80ad44995dc4034fd
Explicit Windows attribs
diff --git a/src/secaudit.c b/src/secaudit.c
--- a/src/secaudit.c
+++ b/src/secaudit.c
@@ -28,7 +28,7 @@
* backup the security parameters of files in directory
* secaudit -s[ve] volume [backupfile]
* set the security parameters as indicated in backup
- * with -e set extra parameters (Windows attrib)
+ * with -e set extra parameters (Windows attribs)
* secaudit volume perms file
* set the security parameters of file to perms (mode or acl)
* secaudit -r[v] volume perms directory
@@ -49,7 +49,7 @@
* backup the security parameters of files in directory
* secaudit -s[v] [backupfile]
* set the security parameters as indicated in backup
- * with -e set extra parameters (Windows attrib)
+ * with -e set extra parameters (Windows attribs)
* secaudit perms file
* set the security parameters of file to perms (mode or acl)
* secaudit -r[v] perms directory
@@ -212,6 +212,9 @@
* - decoded more "well-known" and generic SIDs
* - showed Windows ownership in verbose situations
* - fixed apparent const violations
+ *
+ * Jan 2016, version 1.4.3
+ * - outlined Windows attribs (Ulf Zibis)
*/
/*
@@ -235,7 +238,7 @@
* General parameters which may have to be adapted to needs
*/
-#define AUDT_VERSION "1.4.2"
+#define AUDT_VERSION "1.4.3"
#define GET_FILE_SECURITY "ntfs_get_file_security"
#define SET_FILE_SECURITY "ntfs_set_file_security"
@@ -590,20 +593,21 @@
1, /* auth count */
0, 0, 0, 0, 0, 1, /* base */
0, 0, 0, 0 /* 1st level */
-} ;
+};
+
static const SID *worldsid = (const SID*)worldsidbytes;
/*
* SID for authenticated user (S-1-5-11)
*/
-
+
static const char authsidbytes[] = {
1, /* revision */
1, /* auth count */
0, 0, 0, 0, 0, 5, /* base */
11, 0, 0, 0 /* 1st level */
};
-
+
static const SID *authsid = (const SID*)authsidbytes;
/*
@@ -644,11 +648,12 @@
0, 0, 0, 0, 0, 5, /* base */
18, 0, 0, 0 /* 1st level */
};
-
+
static const SID *systemsid = (const SID*)systemsidbytes;
#endif
+
/*
* Global variables
*/
@@ -920,6 +925,20 @@
}
}
+/*
+ * Print Windows attributes
+ */
+
+void print_winattribs(const int attrib)
+{
+ char attribs[] = "RHS?DA??T?JCOI??";
+ int i;
+ for (i=0; i<sizeof(attribs)-1; i++)
+ if (!(attrib & (1<<i)))
+ attribs[i] = '_';
+ printf("Windows attribs : 0x%x - %s\n",attrib,attribs);
+}
+
u32 hash(const le32 *buf, int size /* bytes */)
{
u32 h;
@@ -2705,7 +2724,7 @@
badattrib = !ntfs_set_file_attributes(ntfs_context, fullname, attrib);
#endif
if (badattrib) {
- printf("** Could not set Windows attrib of ");
+ printf("** Could not set Windows attribs of ");
printname(stdout,fullname);
printf(" to 0x%x\n", attrib);
printerror(stdout);
@@ -2919,7 +2938,7 @@
oldhash = getmsbhex(&line[18]);
if (!strncmp(line,"Security key : 0x",17))
key = getmsbhex(&line[17]);
- if (!strncmp(line,"Windows attrib : 0x",19))
+ if (!strncmp(line,"Windows attribs : 0x",19))
attrib = getmsbhex(&line[19]);
if (done
|| !strncmp(line,"File ",5)
@@ -5028,7 +5047,7 @@
printf("** Could not get file attrib\n");
errors++;
} else
- printf("Windows attrib : 0x%x\n",attrib);
+ print_winattribs(attrib);
if (ntfs_valid_descr(attr,attrsz)) {
#if POSIXACLS
pxdesc = linux_permissions_posix(attr,isdir);
@@ -5394,7 +5413,7 @@
showsacl(attr,isdir,level);
}
if (attrib != INVALID_FILE_ATTRIBUTES)
- printf("Windows attrib : 0x%x\n",attrib);
+ print_winattribs(attrib);
uid = linux_owner(attr);
gid = linux_group(attr);
if (opt_b) {
@@ -5444,7 +5463,7 @@
printf("Security key : 0x%x mode %03o (already displayed)\n",
securindex,psecurdata->mode);
if (attrib != INVALID_FILE_ATTRIBUTES)
- printf("Windows attrib : 0x%x\n",attrib);
+ print_winattribs(attrib);
} else {
printf("%s %s",(isdir ? "Directory" : "File"),fullname);
printf(" : key 0x%x\n",securindex);
@@ -5583,7 +5602,7 @@
printf("** Could not get file attrib\n");
errors++;
} else
- printf("Windows attrib : 0x%x\n",(int)attrib);
+ print_winattribs(attrib);
if (ntfs_valid_descr(attr,attrsz)) {
mapped = !local_build_mapping(context.mapping,fullname);
#if POSIXACLS
@@ -7174,7 +7193,7 @@
fprintf(stderr," backup the security parameters of files in directory\n");
fprintf(stderr," secaudit -s[ev] [backupfile]\n");
fprintf(stderr," set the security parameters as indicated in backup file\n");
- fprintf(stderr," with -e also set extra parameters (Windows attrib)\n");
+ fprintf(stderr," with -e also set extra parameters (Windows attribs)\n");
fprintf(stderr," secaudit perms file\n");
fprintf(stderr," set the security parameters of file to perms\n");
fprintf(stderr," secaudit -r[v] perms directory\n");
@@ -7226,7 +7245,7 @@
fprintf(stderr," backup the security parameters of files in directory\n");
fprintf(stderr," secaudit -s[ev] volume [backupfile]\n");
fprintf(stderr," set the security parameters as indicated in backup file\n");
- fprintf(stderr," with -e also set extra parameters (Windows attrib)\n");
+ fprintf(stderr," with -e also set extra parameters (Windows attribs)\n");
fprintf(stderr," secaudit volume perms file\n");
fprintf(stderr," set the security parameters of file to perms\n");
fprintf(stderr," secaudit -r[v] volume perms directory\n");
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
ntfs-3g-devel mailing list
ntfs-3g-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel
