[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha6-433-g63bb31e
Günther Deschner
gd at samba.org
Tue Feb 3 15:15:32 GMT 2009
The branch, master has been updated
via 63bb31e11812264aa377abdd4c256c46dde236b0 (commit)
via c53e3bfa7d1854494cb144b099eded8860f92e2a (commit)
via cf3be5ce7a7f318cfb84baba4d1fc56ddd8f5497 (commit)
via 1c627c22324fbb83de4c602cdbdd658ab53cde54 (commit)
via 268f87df61dbf2625d33c149607db046f60dd5fd (commit)
from b94946697dc1d2915f6330f3a02cca7d69bc7cff (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 63bb31e11812264aa377abdd4c256c46dde236b0
Author: Günther Deschner <gd at samba.org>
Date: Thu Jan 22 20:14:28 2009 +0100
s3-docs: add documentation for dump option of eventlogadm.
Guenther
commit c53e3bfa7d1854494cb144b099eded8860f92e2a
Author: Günther Deschner <gd at samba.org>
Date: Thu Jan 22 20:11:19 2009 +0100
s3-eventlogadm: add command to dump stored tdb entries.
Guenther
commit cf3be5ce7a7f318cfb84baba4d1fc56ddd8f5497
Author: Günther Deschner <gd at samba.org>
Date: Thu Jan 15 20:28:30 2009 +0100
s3-eventlog: add evlog_pull_record_tdb function.
Guenther
commit 1c627c22324fbb83de4c602cdbdd658ab53cde54
Author: Günther Deschner <gd at samba.org>
Date: Tue Feb 3 15:55:46 2009 +0100
s3: re-run make samba3-idl.
Guenther
commit 268f87df61dbf2625d33c149607db046f60dd5fd
Author: Günther Deschner <gd at samba.org>
Date: Thu Jan 15 15:32:18 2009 +0100
eventlog: add eventlog_Record_tdb to support the traditional s3 on-disc format.
Guenther
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages-3/eventlogadm.8.xml | 26 +++++
librpc/gen_ndr/eventlog.h | 29 ++++++
librpc/gen_ndr/ndr_eventlog.c | 174 +++++++++++++++++++++++++++++++++
librpc/gen_ndr/ndr_eventlog.h | 3 +
librpc/idl/eventlog.idl | 32 ++++++
source3/Makefile.in | 4 +-
source3/include/proto.h | 3 +
source3/rpc_server/srv_eventlog_lib.c | 55 ++++++++++
source3/utils/eventlogadm.c | 53 ++++++++++
9 files changed, 378 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/eventlogadm.8.xml b/docs-xml/manpages-3/eventlogadm.8.xml
index 51a066f..fa514de 100644
--- a/docs-xml/manpages-3/eventlogadm.8.xml
+++ b/docs-xml/manpages-3/eventlogadm.8.xml
@@ -40,6 +40,18 @@
</arg>
</cmdsynopsis>
+ <cmdsynopsis>
+ <command>eventlogadm</command>
+ <arg><option>-d</option></arg>
+ <arg><option>-h</option></arg>
+ <arg choice="plain"><option>-o</option>
+ <literal>dump</literal>
+ <replaceable>EVENTLOG</replaceable>
+ <replaceable>RECORD_NUMBER</replaceable>
+ </arg>
+
+ </cmdsynopsis>
+
</refsynopsisdiv>
<refsect1>
@@ -97,6 +109,20 @@
</varlistentry>
<varlistentry>
+ <term>
+ <option>-o</option>
+ <literal>write</literal>
+ <replaceable>EVENTLOG</replaceable>
+ <replaceable>RECORD_NUMBER</replaceable>
+ </term>
+ <listitem><para>
+ The <command>-o dump</command> reads event log
+ records from a EVENTLOG tdb and dumps them to standard
+ output on screen.
+ </para> </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><option>-h</option></term>
<listitem><para>
Print usage information.
diff --git a/librpc/gen_ndr/eventlog.h b/librpc/gen_ndr/eventlog.h
index 8dc0d0d..0c998a8 100644
--- a/librpc/gen_ndr/eventlog.h
+++ b/librpc/gen_ndr/eventlog.h
@@ -65,6 +65,35 @@ struct eventlog_Record {
uint32_t size2;/* [value(size)] */
}/* [public,flag(LIBNDR_FLAG_NOALIGN)] */;
+struct eventlog_Record_tdb {
+ uint32_t size;
+ const char *reserved;/* [value("eLfL"),charset(DOS)] */
+ uint32_t record_number;
+ time_t time_generated;
+ time_t time_written;
+ uint32_t event_id;
+ enum eventlogEventTypes event_type;
+ uint16_t num_of_strings;/* [range(0,256)] */
+ uint16_t event_category;
+ uint16_t reserved_flags;
+ uint32_t closing_record_number;
+ uint32_t stringoffset;
+ uint32_t sid_length;/* [value(sid.length)] */
+ uint32_t sid_offset;
+ uint32_t data_length;/* [value(data.length)] */
+ uint32_t data_offset;
+ uint32_t source_name_len;/* [value(2*strlen_m_term(source_name))] */
+ const char * source_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */
+ uint32_t computer_name_len;/* [value(2*strlen_m_term(computer_name))] */
+ const char * computer_name;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */
+ uint32_t sid_padding;
+ DATA_BLOB sid;
+ uint32_t strings_len;/* [value(2*ndr_size_string_array(strings,num_of_strings,LIBNDR_FLAG_STR_NULLTERM))] */
+ const char * *strings;/* [flag(LIBNDR_FLAG_STR_NULLTERM)] */
+ DATA_BLOB data;
+ uint32_t padding;
+}/* [public,flag(LIBNDR_FLAG_NOALIGN|LIBNDR_PRINT_ARRAY_HEX)] */;
+
struct EVENTLOG_FULL_INFORMATION {
uint32_t full;
};
diff --git a/librpc/gen_ndr/ndr_eventlog.c b/librpc/gen_ndr/ndr_eventlog.c
index 938f0db..a43b343 100644
--- a/librpc/gen_ndr/ndr_eventlog.c
+++ b/librpc/gen_ndr/ndr_eventlog.c
@@ -287,6 +287,180 @@ _PUBLIC_ void ndr_print_eventlog_Record(struct ndr_print *ndr, const char *name,
}
}
+_PUBLIC_ enum ndr_err_code ndr_push_eventlog_Record_tdb(struct ndr_push *ndr, int ndr_flags, const struct eventlog_Record_tdb *r)
+{
+ uint32_t cntr_strings_0;
+ {
+ uint32_t _flags_save_STRUCT = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN|LIBNDR_PRINT_ARRAY_HEX);
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->size));
+ NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, "eLfL", 4, sizeof(uint8_t), CH_DOS));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->record_number));
+ NDR_CHECK(ndr_push_time_t(ndr, NDR_SCALARS, r->time_generated));
+ NDR_CHECK(ndr_push_time_t(ndr, NDR_SCALARS, r->time_written));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->event_id));
+ NDR_CHECK(ndr_push_eventlogEventTypes(ndr, NDR_SCALARS, r->event_type));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->num_of_strings));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->event_category));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->reserved_flags));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->closing_record_number));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->stringoffset));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sid.length));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sid_offset));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->data.length));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->data_offset));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 2 * strlen_m_term(r->source_name)));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->source_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 2 * strlen_m_term(r->computer_name)));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sid_padding));
+ NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->sid));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 2 * ndr_size_string_array(r->strings, r->num_of_strings, LIBNDR_FLAG_STR_NULLTERM)));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ for (cntr_strings_0 = 0; cntr_strings_0 < r->num_of_strings; cntr_strings_0++) {
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->strings[cntr_strings_0]));
+ }
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->data));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->padding));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ ndr->flags = _flags_save_STRUCT;
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_eventlog_Record_tdb(struct ndr_pull *ndr, int ndr_flags, struct eventlog_Record_tdb *r)
+{
+ uint32_t cntr_strings_0;
+ TALLOC_CTX *_mem_save_strings_0;
+ {
+ uint32_t _flags_save_STRUCT = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN|LIBNDR_PRINT_ARRAY_HEX);
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->size));
+ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->reserved, 4, sizeof(uint8_t), CH_DOS));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->record_number));
+ NDR_CHECK(ndr_pull_time_t(ndr, NDR_SCALARS, &r->time_generated));
+ NDR_CHECK(ndr_pull_time_t(ndr, NDR_SCALARS, &r->time_written));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->event_id));
+ NDR_CHECK(ndr_pull_eventlogEventTypes(ndr, NDR_SCALARS, &r->event_type));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->num_of_strings));
+ if (r->num_of_strings > 256) {
+ return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
+ }
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->event_category));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->reserved_flags));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->closing_record_number));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->stringoffset));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_length));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_offset));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->data_length));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->data_offset));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->source_name_len));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->source_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->computer_name_len));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_padding));
+ NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->sid));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->strings_len));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_PULL_ALLOC_N(ndr, r->strings, r->num_of_strings);
+ _mem_save_strings_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->strings, 0);
+ for (cntr_strings_0 = 0; cntr_strings_0 < r->num_of_strings; cntr_strings_0++) {
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->strings[cntr_strings_0]));
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_strings_0, 0);
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->data));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->padding));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ ndr->flags = _flags_save_STRUCT;
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_eventlog_Record_tdb(struct ndr_print *ndr, const char *name, const struct eventlog_Record_tdb *r)
+{
+ uint32_t cntr_strings_0;
+ ndr_print_struct(ndr, name, "eventlog_Record_tdb");
+ {
+ uint32_t _flags_save_STRUCT = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN|LIBNDR_PRINT_ARRAY_HEX);
+ ndr->depth++;
+ ndr_print_uint32(ndr, "size", r->size);
+ ndr_print_string(ndr, "reserved", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?"eLfL":r->reserved);
+ ndr_print_uint32(ndr, "record_number", r->record_number);
+ ndr_print_time_t(ndr, "time_generated", r->time_generated);
+ ndr_print_time_t(ndr, "time_written", r->time_written);
+ ndr_print_uint32(ndr, "event_id", r->event_id);
+ ndr_print_eventlogEventTypes(ndr, "event_type", r->event_type);
+ ndr_print_uint16(ndr, "num_of_strings", r->num_of_strings);
+ ndr_print_uint16(ndr, "event_category", r->event_category);
+ ndr_print_uint16(ndr, "reserved_flags", r->reserved_flags);
+ ndr_print_uint32(ndr, "closing_record_number", r->closing_record_number);
+ ndr_print_uint32(ndr, "stringoffset", r->stringoffset);
+ ndr_print_uint32(ndr, "sid_length", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?r->sid.length:r->sid_length);
+ ndr_print_uint32(ndr, "sid_offset", r->sid_offset);
+ ndr_print_uint32(ndr, "data_length", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?r->data.length:r->data_length);
+ ndr_print_uint32(ndr, "data_offset", r->data_offset);
+ ndr_print_uint32(ndr, "source_name_len", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?2 * strlen_m_term(r->source_name):r->source_name_len);
+ ndr_print_string(ndr, "source_name", r->source_name);
+ ndr_print_uint32(ndr, "computer_name_len", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?2 * strlen_m_term(r->computer_name):r->computer_name_len);
+ ndr_print_string(ndr, "computer_name", r->computer_name);
+ ndr_print_uint32(ndr, "sid_padding", r->sid_padding);
+ ndr_print_DATA_BLOB(ndr, "sid", r->sid);
+ ndr_print_uint32(ndr, "strings_len", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?2 * ndr_size_string_array(r->strings, r->num_of_strings, LIBNDR_FLAG_STR_NULLTERM):r->strings_len);
+ ndr->print(ndr, "%s: ARRAY(%d)", "strings", (int)r->num_of_strings);
+ ndr->depth++;
+ for (cntr_strings_0=0;cntr_strings_0<r->num_of_strings;cntr_strings_0++) {
+ char *idx_0=NULL;
+ if (asprintf(&idx_0, "[%d]", cntr_strings_0) != -1) {
+ ndr_print_string(ndr, "strings", r->strings[cntr_strings_0]);
+ free(idx_0);
+ }
+ }
+ ndr->depth--;
+ ndr_print_DATA_BLOB(ndr, "data", r->data);
+ ndr_print_uint32(ndr, "padding", r->padding);
+ ndr->depth--;
+ ndr->flags = _flags_save_STRUCT;
+ }
+}
+
static enum ndr_err_code ndr_push_eventlog_ClearEventLogW(struct ndr_push *ndr, int flags, const struct eventlog_ClearEventLogW *r)
{
if (flags & NDR_IN) {
diff --git a/librpc/gen_ndr/ndr_eventlog.h b/librpc/gen_ndr/ndr_eventlog.h
index 3fa20e3..39bfd38 100644
--- a/librpc/gen_ndr/ndr_eventlog.h
+++ b/librpc/gen_ndr/ndr_eventlog.h
@@ -70,6 +70,9 @@ void ndr_print_eventlog_OpenUnknown0(struct ndr_print *ndr, const char *name, co
enum ndr_err_code ndr_push_eventlog_Record(struct ndr_push *ndr, int ndr_flags, const struct eventlog_Record *r);
enum ndr_err_code ndr_pull_eventlog_Record(struct ndr_pull *ndr, int ndr_flags, struct eventlog_Record *r);
void ndr_print_eventlog_Record(struct ndr_print *ndr, const char *name, const struct eventlog_Record *r);
+enum ndr_err_code ndr_push_eventlog_Record_tdb(struct ndr_push *ndr, int ndr_flags, const struct eventlog_Record_tdb *r);
+enum ndr_err_code ndr_pull_eventlog_Record_tdb(struct ndr_pull *ndr, int ndr_flags, struct eventlog_Record_tdb *r);
+void ndr_print_eventlog_Record_tdb(struct ndr_print *ndr, const char *name, const struct eventlog_Record_tdb *r);
void ndr_print_eventlog_ClearEventLogW(struct ndr_print *ndr, const char *name, int flags, const struct eventlog_ClearEventLogW *r);
void ndr_print_eventlog_BackupEventLogW(struct ndr_print *ndr, const char *name, int flags, const struct eventlog_BackupEventLogW *r);
void ndr_print_eventlog_CloseEventLog(struct ndr_print *ndr, const char *name, int flags, const struct eventlog_CloseEventLog *r);
diff --git a/librpc/idl/eventlog.idl b/librpc/idl/eventlog.idl
index ccdca00..0826f59 100644
--- a/librpc/idl/eventlog.idl
+++ b/librpc/idl/eventlog.idl
@@ -58,6 +58,38 @@ import "lsa.idl", "security.idl";
[value(size)] uint32 size2;
} eventlog_Record;
+ /* compat structure for samba3 on-disc eventlog format,
+ this is *NOT* used on the wire. - gd */
+
+ typedef [flag(NDR_NOALIGN|NDR_PAHEX),public] struct {
+ uint32 size;
+ [charset(DOS),value("eLfL")] uint8 reserved[4];
+ uint32 record_number;
+ time_t time_generated;
+ time_t time_written;
+ uint32 event_id;
+ eventlogEventTypes event_type;
+ [range(0,256)] uint16 num_of_strings;
+ uint16 event_category;
+ uint16 reserved_flags;
+ uint32 closing_record_number;
+ uint32 stringoffset;
+ [value(sid.length)] uint32 sid_length;
+ uint32 sid_offset;
+ [value(data.length)] uint32 data_length;
+ uint32 data_offset;
+ [value(2*strlen_m_term(source_name))] uint32 source_name_len;
+ nstring source_name;
+ [value(2*strlen_m_term(computer_name))] uint32 computer_name_len;
+ nstring computer_name;
+ uint32 sid_padding;
+ DATA_BLOB sid;
+ [value(2*ndr_size_string_array(strings, num_of_strings, STR_NULLTERM))] uint32 strings_len;
+ nstring strings[num_of_strings];
+ DATA_BLOB data;
+ uint32 padding;
+ } eventlog_Record_tdb;
+
/******************/
/* Function: 0x00 */
NTSTATUS eventlog_ClearEventLogW(
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 531f64f..992df5e 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -983,7 +983,9 @@ EVTLOGADM_OBJ0 = utils/eventlogadm.o
EVTLOGADM_OBJ = $(EVTLOGADM_OBJ0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
$(LIBSAMBA_OBJ) \
- registry/reg_eventlog.o rpc_server/srv_eventlog_lib.o
+ registry/reg_eventlog.o rpc_server/srv_eventlog_lib.o \
+ ../librpc/gen_ndr/ndr_eventlog.o \
+ ../librpc/gen_ndr/ndr_lsa.o
SHARESEC_OBJ0 = utils/sharesec.o
SHARESEC_OBJ = $(SHARESEC_OBJ0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 19d131c..bf4976e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6263,6 +6263,9 @@ int elog_close_tdb( ELOG_TDB *etdb, bool force_close );
int write_eventlog_tdb( TDB_CONTEXT * the_tdb, Eventlog_entry * ee );
void fixup_eventlog_entry( Eventlog_entry * ee );
bool parse_logentry( TALLOC_CTX *mem_ctx, char *line, Eventlog_entry * entry, bool * eor );
+struct eventlog_Record_tdb *evlog_pull_record_tdb(TALLOC_CTX *mem_ctx,
+ TDB_CONTEXT *tdb,
+ uint32_t record_number);
/* The following definitions come from rpc_server/srv_eventlog_nt.c */
diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c
index 2890dc9..d6c4f1a 100644
--- a/source3/rpc_server/srv_eventlog_lib.c
+++ b/source3/rpc_server/srv_eventlog_lib.c
@@ -748,3 +748,58 @@ bool parse_logentry( TALLOC_CTX *mem_ctx, char *line, Eventlog_entry * entry, bo
}
return true;
}
+
+/********************************************************************
+ ********************************************************************/
+
+struct eventlog_Record_tdb *evlog_pull_record_tdb(TALLOC_CTX *mem_ctx,
+ TDB_CONTEXT *tdb,
+ uint32_t record_number)
+{
+ struct eventlog_Record_tdb *r;
+ TDB_DATA data, key;
+
+ int32_t srecno;
+ enum ndr_err_code ndr_err;
+ DATA_BLOB blob;
+
+ srecno = record_number;
+ key.dptr = (unsigned char *)&srecno;
+ key.dsize = sizeof(int32_t);
+
+ data = tdb_fetch(tdb, key);
+ if (data.dsize == 0) {
+ DEBUG(8,("evlog_pull_record_tdb: "
+ "Can't find a record for the key, record %d\n",
+ record_number));
+ return NULL;
+ }
+
+ r = talloc_zero(mem_ctx, struct eventlog_Record_tdb);
+ if (!r) {
+ goto done;
+ }
+
+ blob = data_blob_const(data.dptr, data.dsize);
+
+ ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, r,
+ (ndr_pull_flags_fn_t)ndr_pull_eventlog_Record_tdb);
+
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(10,("evlog_pull_record_tdb: failed to decode record %d\n",
+ record_number));
+ TALLOC_FREE(r);
+ goto done;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(eventlog_Record_tdb, r);
+ }
+
+ DEBUG(10,("evlog_pull_record_tdb: retrieved entry for record %d\n",
+ record_number));
+ done:
+ SAFE_FREE(data.dptr);
+
+ return r;
+}
diff --git a/source3/utils/eventlogadm.c b/source3/utils/eventlogadm.c
index fb0bc60..b957ec2 100644
--- a/source3/utils/eventlogadm.c
+++ b/source3/utils/eventlogadm.c
@@ -37,6 +37,7 @@ static void usage( char *s )
printf( "\nUsage: %s [OPTION]\n\n", s );
printf( " -o write <Eventlog Name> \t\t\t\t\tWrites records to eventlog from STDIN\n" );
printf( " -o addsource <EventlogName> <sourcename> <msgfileDLLname> \tAdds the specified source & DLL eventlog registry entry\n" );
+ printf( " -o dump <Eventlog Name> <starting_record>\t\t\t\t\tDump stored eventlog entries on STDOUT\n" );
printf( "\nMiscellaneous options:\n" );
printf( " -d\t\t\t\t\t\t\t\tturn debug on\n" );
printf( " -h\t\t\t\t\t\t\t\tdisplay help\n\n" );
@@ -157,6 +158,54 @@ static int DoWriteCommand( int argc, char **argv, bool debugflag, char *exename
return 0;
}
+static int DoDumpCommand(int argc, char **argv, bool debugflag, char *exename)
+{
+ ELOG_TDB *etdb;
+ TALLOC_CTX *mem_ctx = talloc_tos();
+ const char *tdb_filename;
+ uint32_t count = 1;
+
+ if (argc > 2) {
+ return -1;
+ }
+
+ tdb_filename = argv[0];
+
+ if (argc > 1) {
+ count = atoi(argv[1]);
+ }
+
+ etdb = elog_open_tdb(argv[0], false, true);
+ if (!etdb) {
+ printf("can't open the eventlog TDB (%s)\n", argv[0]);
+ return -1;
+ }
+
+ while (1) {
+
+ struct eventlog_Record_tdb *r;
+ char *s;
+
+ r = evlog_pull_record_tdb(mem_ctx, etdb->tdb, count);
+ if (!r) {
+ break;
+ }
+
+ printf("displaying record: %d\n", count);
+
+ s = NDR_PRINT_STRUCT_STRING(mem_ctx, eventlog_Record_tdb, r);
+ if (s) {
+ printf("%s\n", s);
+ talloc_free(s);
+ }
+ count++;
+ }
+
+ elog_close_tdb(etdb, false);
+
+ return 0;
+}
+
/* would be nice to use the popT stuff here, however doing so forces us to drag in a lot of other infrastructure */
int main( int argc, char *argv[] )
@@ -222,6 +271,10 @@ int main( int argc, char *argv[] )
rc = DoWriteCommand( argc, argv, opt_debug, exename );
break;
}
+ if ( !StrCaseCmp( opname, "dump" ) ) {
+ rc = DoDumpCommand( argc, argv, opt_debug, exename );
+ break;
+ }
printf( "unknown command [%s]\n", opname );
usage( exename );
exit( 1 );
--
Samba Shared Repository
More information about the samba-cvs
mailing list