2 Bacula® - The Network Backup Solution
4 Copyright (C) 2003-2009 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version three of the GNU Affero General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU Affero General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of Kern Sibbald.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * Enable backup privileges for Win32 systems.
31 * Kern Sibbald, May MMIII
42 /*=============================================================*/
44 /* * * * U n i x * * * * */
46 /*=============================================================*/
48 #if !defined(HAVE_WIN32)
50 int enable_backup_privileges(JCR *jcr, int ignore_errors)
58 /*=============================================================*/
60 /* * * * W i n 3 2 * * * * */
62 /*=============================================================*/
64 #if defined(HAVE_WIN32)
66 void win_error(JCR *jcr, const char *prefix, DWORD lerror);
69 enable_priv(JCR *jcr, HANDLE hToken, const char *name, int ignore_errors)
74 if (!(p_LookupPrivilegeValue && p_AdjustTokenPrivileges)) {
75 return 0; /* not avail on this OS */
78 // Get the LUID for the security privilege.
79 if (!p_LookupPrivilegeValue(NULL, name, &tkp.Privileges[0].Luid)) {
80 win_error(jcr, "LookupPrivilegeValue", GetLastError());
84 /* Set the security privilege for this process. */
85 tkp.PrivilegeCount = 1;
86 tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
87 p_AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
88 lerror = GetLastError();
89 if (lerror != ERROR_SUCCESS) {
92 strcpy(buf, _("AdjustTokenPrivileges set "));
93 bstrncat(buf, name, sizeof(buf));
94 win_error(jcr, buf, lerror);
102 * Setup privileges we think we will need. We probably do not need
103 * the SE_SECURITY_NAME, but since nothing seems to be working,
104 * we get it hoping to fix the problems.
106 int enable_backup_privileges(JCR *jcr, int ignore_errors)
108 HANDLE hToken, hProcess;
111 if (!p_OpenProcessToken) {
112 return 0; /* No avail on this OS */
115 hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId());
117 // Get a token for this process.
118 if (!p_OpenProcessToken(hProcess,
119 TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
120 if (!ignore_errors) {
121 win_error(jcr, "OpenProcessToken", GetLastError());
123 /* Forge on anyway */
126 /* Return a bit map of permissions set. */
127 if (enable_priv(jcr, hToken, SE_BACKUP_NAME, ignore_errors)) {
130 if (enable_priv(jcr, hToken, SE_RESTORE_NAME, ignore_errors)) {
133 if (enable_priv(jcr, hToken, SE_SECURITY_NAME, ignore_errors)) {
136 if (enable_priv(jcr, hToken, SE_TAKE_OWNERSHIP_NAME, ignore_errors)) {
139 if (enable_priv(jcr, hToken, SE_ASSIGNPRIMARYTOKEN_NAME, ignore_errors)) {
142 if (enable_priv(jcr, hToken, SE_SYSTEM_ENVIRONMENT_NAME, ignore_errors)) {
145 if (enable_priv(jcr, hToken, SE_CREATE_TOKEN_NAME, ignore_errors)) {
148 if (enable_priv(jcr, hToken, SE_MACHINE_ACCOUNT_NAME, ignore_errors)) {
151 if (enable_priv(jcr, hToken, SE_TCB_NAME, ignore_errors)) {
154 if (enable_priv(jcr, hToken, SE_CREATE_PERMANENT_NAME, ignore_errors)) {
163 CloseHandle(hProcess);
167 #endif /* HAVE_WIN32 */