[cygwin-apps/setup.git] / main.cc

/*
 * Copyright (c) 2000, Red Hat, Inc.
 * Copyright (c) 2003, Robert Collins <rbtcollins@hotmail.com>
 *
 *     This program is free software; you can redistribute it and/or modify
 *     it under the terms of the GNU General Public License as published by
 *     the Free Software Foundation; either version 2 of the License, or
 *     (at your option) any later version.
 *
 *     A copy of the GNU General Public License can be found at
 *     http://www.gnu.org/
 *
 * Written by DJ Delorie <dj@cygnus.com>
 *            Robert Collins <rbtcollins@hotmail.com>
 *
 *
 */

/* OK, here's how this works.  Each of the steps needed for install -
   dialogs, downloads, installs - are in their own files and have some
   "do_*" function (prototype in dialog.h) and a resource id (IDD_* or
   IDD_S_* in resource.h) for that step.  Each step is responsible for
   selecting the next step!  See the NEXT macro in dialog.h.  Note
   that the IDD_S_* ids are fake; those are for steps that don't
   really have a controlling dialog (some have progress dialogs, but
   those don't count, although they could).  Replace the IDD_S_* with
   IDD_* if you create a real dialog for those steps. */

#if 0
static const char *cvsid =
  "\n%%% $Id$\n";
#endif

#include "win32.h"
#include <commctrl.h>

#include <stdio.h>
#include <stdlib.h>
#include "resource.h"
#include "dialog.h"
#include "state.h"
#include "msg.h"
#include "find.h"
#include "mount.h"
#include "LogFile.h"
#include "setup_version.h"

#include "proppage.h"
#include "propsheet.h"

// Page class headers
#include "splash.h"
#include "AntiVirus.h"
#include "source.h"
#include "root.h"
#include "localdir.h"
#include "net.h"
#include "site.h"
#include "choose.h"
#include "prereq.h"
#include "threebar.h"
#include "desktop.h"

#include "getopt++/GetOption.h"
#include "getopt++/BoolOption.h"

#include "UserSettings.h"
#include "Exception.h"
#include <stdexcept>

using namespace std;

HINSTANCE hinstance;

static BoolOption UnattendedOption (false, 'q', "quiet-mode", "Unattended setup mode");
static BoolOption HelpOption (false, 'h', "help", "print help");

/* Maximum size of a SID on NT/W2K. */
#define MAX_SID_LEN	40

/* Computes the size of an ACL in relation to the number of ACEs it
   should contain. */
#define TOKEN_ACL_SIZE(cnt) (sizeof(ACL) + \
			     (cnt) * (sizeof(ACCESS_ALLOWED_ACE) + MAX_SID_LEN))

namespace Setup {
  class SIDWrapper {
    public:
      SIDWrapper();
      /* Prevent synthetics. If assignment is needed, this should be refcounting  */
      SIDWrapper(SIDWrapper const &);
      SIDWrapper&operator=(SIDWrapper const&);
      ~SIDWrapper();
      /* We could look at doing weird typcast overloads here,
      but manual access is easier for now
      */
      PSID &theSID();
      PSID const &theSID() const;
    private:
      PSID value;
  };

SIDWrapper::SIDWrapper() : value(NULL) {}
SIDWrapper::~SIDWrapper()
{
  if (value)
    FreeSid (value);
}

PSID &
SIDWrapper::theSID()
{
  return value;
}

PSID const &
SIDWrapper::theSID() const
{
  return value;
}

  class HANDLEWrapper {
    public:
      HANDLEWrapper();
      /* Prevent synthetics. If assignment is needed, we should duphandles, or refcount */
      HANDLEWrapper(HANDLEWrapper const &);
      HANDLEWrapper&operator=(HANDLEWrapper const &);
      ~HANDLEWrapper();
      HANDLE &theHANDLE();
      HANDLE const &theHANDLE() const;
    private:
      HANDLE value;
  };

HANDLEWrapper::HANDLEWrapper() : value (NULL) {}
HANDLEWrapper::~HANDLEWrapper()
{
  if (value)
    CloseHandle(value);
}

HANDLE &
HANDLEWrapper::theHANDLE() 
{
  return value;
}

HANDLE const &
HANDLEWrapper::theHANDLE() const 
{
  return value;
}

};

class TokenGroupCollection {
  public:
  TokenGroupCollection(DWORD, Setup::HANDLEWrapper &);
  ~TokenGroupCollection();
  /* prevent synthetics */
  TokenGroupCollection &operator=(TokenGroupCollection const &);
  TokenGroupCollection (TokenGroupCollection const &);
  bool find (Setup::SIDWrapper const &) const;
  bool populated() const { return populated_;}
  void populate();
  private:
  mutable bool populated_;
  char *buffer;
  DWORD bufferSize;
  Setup::HANDLEWrapper &token;
};

TokenGroupCollection::TokenGroupCollection(DWORD aSize, Setup::HANDLEWrapper &aHandle) : populated_(false), buffer(new char[aSize]), bufferSize(aSize), token(aHandle)
{
}

TokenGroupCollection::~TokenGroupCollection()
{
  if (buffer)
    delete[] buffer;
}

void
TokenGroupCollection::populate()
{
  if (!GetTokenInformation (token.theHANDLE(), TokenGroups, buffer, bufferSize, &bufferSize))
    {
      log (LOG_TIMESTAMP) << "GetTokenInformation() failed: " <<
	  	GetLastError () << endLog;
	return;
    }
  populated_ = true;
}

bool
TokenGroupCollection::find (Setup::SIDWrapper const &aSID) const
{
  if (!populated())
    return false;
  TOKEN_GROUPS *groups = (TOKEN_GROUPS *) buffer;
  for (DWORD pg = 0; pg < groups->GroupCount; ++pg)
    if (EqualSid(groups->Groups[pg].Sid, aSID.theSID()))
      return true;
  return false;
}

class NTSecurity
{
public:
  static void NoteFailedAPI(String const &);
  NTSecurity();
  ~NTSecurity();
  /* prevent synthetics */
  NTSecurity &operator=(NTSecurity const&);
  NTSecurity(NTSecurity const &);

  void setDefaultSecurity();
private:
  void failed(bool const &);
  bool const &failed() const;
  void initialiseEveryOneSID();
  void setDefaultDACL ();
  Setup::SIDWrapper everyOneSID, administratorsSID, usid;
  Setup::HANDLEWrapper token;
  bool failed_;
  struct {
    PSID psid;
    char buf[MAX_SID_LEN];
  } osid;
  DWORD size;
};

void
set_default_sec()
{
  NTSecurity worker;
  worker.setDefaultSecurity();
}

void
NTSecurity::NoteFailedAPI(String const &api)
{
      log (LOG_TIMESTAMP) << api << "() failed: " << GetLastError () << endLog;
}

NTSecurity::NTSecurity() : everyOneSID (), administratorsSID(), usid(), token(), failed_(false)
{}

NTSecurity::~NTSecurity()
{
}

void
NTSecurity::failed(bool const &aBool) 
{
  failed_ = aBool;
}

bool const &
NTSecurity::failed() const
{
  return failed_;
}

void
NTSecurity::initialiseEveryOneSID()
{
  SID_IDENTIFIER_AUTHORITY sid_auth = { SECURITY_WORLD_SID_AUTHORITY };
  if (!AllocateAndInitializeSid (&sid_auth, 1, 0, 0, 0, 0, 0, 0, 0, 0, &everyOneSID.theSID()))
    {
      NoteFailedAPI ("AllocateAndInitializeSid");
      failed(true);
    }
}

void
NTSecurity::setDefaultDACL ()
{
  /* To assure that the created files have a useful ACL, the 
     default DACL in the process token is set to full access to
     everyone. This applies to files and subdirectories created
     in directories which don't propagate permissions to child
     objects. 
     To assure that the files group is meaningful, a token primary
     group of None is changed to Users or Administrators. */

  initialiseEveryOneSID();
  if (failed())
    return;

  /* Create a buffer which has enough room to contain the TOKEN_DEFAULT_DACL
     structure plus an ACL with one ACE. */
  size_t bufferSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) 
            + GetLengthSid(everyOneSID.theSID()) - sizeof(DWORD);

  std::auto_ptr<char> buf (new char[bufferSize]);

  /* First initialize the TOKEN_DEFAULT_DACL structure. */
  PACL dacl = (PACL)buf.get();

  /* Initialize the ACL for containing one ACE. */
  if (!InitializeAcl (dacl, bufferSize, ACL_REVISION))
    {
      NoteFailedAPI ("InitializeAcl");
      failed(true);
      return;
    }

  /* Create the ACE which grants full access to "Everyone" and store it
     in dacl. */
  if (!AddAccessAllowedAce
      (dacl, ACL_REVISION, GENERIC_ALL, everyOneSID.theSID()))
    {
      NoteFailedAPI ("AddAccessAllowedAce");
      failed(true);
      return;
    }

  /* Get the processes access token. */
  if (!OpenProcessToken (GetCurrentProcess (),
			 TOKEN_READ | TOKEN_ADJUST_DEFAULT, &token.theHANDLE()))
    {
      NoteFailedAPI ("OpenProcessToken");
      failed(true);
      return;
    }

  /* Set the default DACL to the above computed ACL. */
  if (!SetTokenInformation (token.theHANDLE(), TokenDefaultDacl, &dacl, bufferSize))
    {
      NoteFailedAPI ("SetTokenInformation");
      failed(true);
    }
}

void
NTSecurity::setDefaultSecurity ()
{

  setDefaultDACL();
  if (failed())
    return;

  /* Get the user */
  if (!GetTokenInformation (token.theHANDLE(), TokenUser, &osid, 
			    sizeof osid, &size))
    {
      NoteFailedAPI("GetTokenInformation");
      return;
    }
  /* Make it the owner */
  if (!SetTokenInformation (token.theHANDLE(), TokenOwner, &osid, 
			    sizeof osid))
    {
      NoteFailedAPI("SetTokenInformation");
      return;
    }

  SID_IDENTIFIER_AUTHORITY sid_auth;
  sid_auth = (SID_IDENTIFIER_AUTHORITY) { SECURITY_NT_AUTHORITY };
  /* Get the SID for "Administrators" S-1-5-32-544 */
  if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID, 
				 DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &administratorsSID.theSID()))
    {
        NoteFailedAPI("AllocateAndInitializeSid");
	return;
    }
  /* Get the SID for "Users" S-1-5-32-545 */
  if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID, 
			DOMAIN_ALIAS_RID_USERS, 0, 0, 0, 0, 0, 0, &usid.theSID()))
    {
      NoteFailedAPI("AllocateAndInitializeSid");
      return;
    }
  /* Get the token groups */
  if (!GetTokenInformation (token.theHANDLE(), TokenGroups, NULL, 0, &size)
	  && GetLastError () != ERROR_INSUFFICIENT_BUFFER)
    {
      NoteFailedAPI("GetTokenInformation");
      return;
    }
  TokenGroupCollection ntGroups(size, token);
  ntGroups.populate();
  if (!ntGroups.populated())
    return;
  /* Set the default group to one of the above computed SID. */
  PSID nsid = NULL;
  if (ntGroups.find (usid))
    {
      nsid = usid.theSID();
      log(LOG_TIMESTAMP) << "Changing gid to Users" << endLog;
    }
  else if (ntGroups.find (administratorsSID))
    {
      nsid = administratorsSID.theSID();
      log(LOG_TIMESTAMP) << "Changing gid to Administrators" << endLog;
    }
  if (nsid && !SetTokenInformation (token.theHANDLE(), TokenPrimaryGroup, &nsid, sizeof nsid))
    NoteFailedAPI ("SetTokenInformation");
}

// Other threads talk to this page, so we need to have it externable.
ThreeBarProgressPage Progress;

// This is a little ugly, but the decision about where to log occurs
// after the source is set AND the root mount obtained
// so we make the actual logger available to the appropriate routine(s).
LogFile *theLog;

#ifndef __CYGWIN__
int WINAPI
WinMain (HINSTANCE h,
	 HINSTANCE hPrevInstance, LPSTR command_line, int cmd_show)
{

  hinstance = h;
#else
int
main (int argc, char **argv)
{
  hinstance = GetModuleHandle (NULL);
#endif

  try {
    char *cwd=new char[MAX_PATH];
    GetCurrentDirectory (MAX_PATH, cwd);
    local_dir = String (cwd);
    delete cwd;

    // TODO: make an equivalent for __argv under cygwin.
    char **_argv;
#ifndef __CYGWIN__
    int argc;
    for (argc = 0, _argv = __argv; *_argv; _argv++)++argc;
    _argv = __argv;
#else
    _argv = argv;
#endif

    if (!GetOption::GetInstance().Process (argc,_argv, NULL))
      exit(1);

    LogSingleton::SetInstance (*(theLog = LogFile::createLogFile()));
    theLog->setFile (LOG_BABBLE, local_dir + "/setup.log.full", false);
    theLog->setFile (0, local_dir + "/setup.log", true);

    log (LOG_PLAIN) << "Starting cygwin install, version " << setup_version << endLog;

    // Ensure files created by postinstall and preremove scripts
    // get sane permissions.
    if (putenv ("CYGWIN=nontsec") != 0)
      log (LOG_PLAIN) << "Failed to set CYGWIN=nontsec (errno " << errno 
            << ": " << strerror(errno) << ")" << endLog;
    
    UserSettings::Instance().loadAllSettings();

    SplashPage Splash;
    AntiVirusPage AntiVirus;
    SourcePage Source;
    RootPage Root;
    LocalDirPage LocalDir;
    NetPage Net;
    SitePage Site;
    ChooserPage Chooser;
    PrereqPage Prereq;
    DesktopSetupPage Desktop;
    PropSheet MainWindow;

    log (LOG_TIMESTAMP) << "Current Directory: " << local_dir << endLog;

    if (HelpOption)
    {
      GetOption::GetInstance().ParameterUsage(log(LOG_PLAIN)<<"\nCommand Line Options:\n");
      theLog->exit(0);
    }

    unattended_mode = UnattendedOption;

    /* Set the default DACL and Group only on NT/W2K. 9x/ME has 
       no idea of access control lists and security at all. */
    if (IsWindowsNT())
      set_default_sec ();

    // Initialize common controls
    InitCommonControls ();

    // Init window class lib
    Window::SetAppInstance (hinstance);

    // Create pages
    Splash.Create ();
    AntiVirus.Create ();
    Source.Create ();
    Root.Create ();
    LocalDir.Create ();
    Net.Create ();
    Site.Create ();
    Chooser.Create ();
    Prereq.Create ();
    Progress.Create ();
    Desktop.Create ();

    // Add pages to sheet
    MainWindow.AddPage (&Splash);
    MainWindow.AddPage (&AntiVirus);
    MainWindow.AddPage (&Source);
    MainWindow.AddPage (&Root);
    MainWindow.AddPage (&LocalDir);
    MainWindow.AddPage (&Net);
    MainWindow.AddPage (&Site);
    MainWindow.AddPage (&Chooser);
    MainWindow.AddPage (&Prereq);
    MainWindow.AddPage (&Progress);
    MainWindow.AddPage (&Desktop);

    // Create the PropSheet main window
    MainWindow.Create ();

    // Clean exit.. save user options.
    UserSettings::Instance().saveAllSettings();

    theLog->exit (0);
  }
  TOPLEVEL_CATCH("main");

  // Never reached
  return 0;
}
Commit	Line	Data
2b734ec7	1	/*
23c9e63c	2	* Copyright (c) 2000, Red Hat, Inc.
e46e15bf	3	* Copyright (c) 2003, Robert Collins <rbtcollins@hotmail.com>
23c9e63c DD	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation; either version 2 of the License, or
	8	* (at your option) any later version.
	9	*
	10	* A copy of the GNU General Public License can be found at
	11	* http://www.gnu.org/
	12	*
	13	* Written by DJ Delorie <dj@cygnus.com>
e46e15bf RC	14	* Robert Collins <rbtcollins@hotmail.com>
e46e15bf RC	15	*
23c9e63c DD	16	*
	17	*/
	18
	19	/* OK, here's how this works. Each of the steps needed for install -
	20	dialogs, downloads, installs - are in their own files and have some
	21	"do_" function (prototype in dialog.h) and a resource id (IDD_ or
	22	IDD_S_* in resource.h) for that step. Each step is responsible for
	23	selecting the next step! See the NEXT macro in dialog.h. Note
	24	that the IDD_S_* ids are fake; those are for steps that don't
	25	really have a controlling dialog (some have progress dialogs, but
	26	those don't count, although they could). Replace the IDD_S_* with
	27	IDD_* if you create a real dialog for those steps. */
	28
b24c88b3 RC	29	#if 0
	30	static const char *cvsid =
	31	"\n%%% $Id$\n";
	32	#endif
8507f105	33
23c9e63c	34	#include "win32.h"
ab57ceaa	35	#include <commctrl.h>
23c9e63c DD	36
23c9e63c DD	37	#include <stdio.h>
89b1a15b	38	#include <stdlib.h>
23c9e63c DD	39	#include "resource.h"
	40	#include "dialog.h"
	41	#include "state.h"
	42	#include "msg.h"
23c9e63c DD	43	#include "find.h"
23c9e63c DD	44	#include "mount.h"
9f4a0c62	45	#include "LogFile.h"
2b734ec7	46	#include "setup_version.h"
89b1a15b	47
ab57ceaa RC	48	#include "proppage.h"
	49	#include "propsheet.h"
	50
	51	// Page class headers
	52	#include "splash.h"
f9e903a3	53	#include "AntiVirus.h"
ab57ceaa RC	54	#include "source.h"
	55	#include "root.h"
	56	#include "localdir.h"
	57	#include "net.h"
	58	#include "site.h"
	59	#include "choose.h"
82306ac2	60	#include "prereq.h"
ab57ceaa RC	61	#include "threebar.h"
ab57ceaa RC	62	#include "desktop.h"
23c9e63c	63
6908b7d7	64	#include "getopt++/GetOption.h"
f2ff9838	65	#include "getopt++/BoolOption.h"
1be8f8fd	66
0df9be37	67	#include "UserSettings.h"
072fb49a MB	68	#include "Exception.h"
	69	#include <stdexcept>
	70
	71	using namespace std;
0df9be37	72
23c9e63c DD	73	HINSTANCE hinstance;
23c9e63c DD	74
f2ff9838	75	static BoolOption UnattendedOption (false, 'q', "quiet-mode", "Unattended setup mode");
c9feb168	76	static BoolOption HelpOption (false, 'h', "help", "print help");
f2ff9838	77
acbae401 CV	78	/* Maximum size of a SID on NT/W2K. */
	79	#define MAX_SID_LEN 40
	80
	81	/* Computes the size of an ACL in relation to the number of ACEs it
	82	should contain. */
	83	#define TOKEN_ACL_SIZE(cnt) (sizeof(ACL) + \
	84	(cnt) * (sizeof(ACCESS_ALLOWED_ACE) + MAX_SID_LEN))
	85
e46e15bf RC	86	namespace Setup {
	87	class SIDWrapper {
	88	public:
	89	SIDWrapper();
	90	/* Prevent synthetics. If assignment is needed, this should be refcounting */
	91	SIDWrapper(SIDWrapper const &);
	92	SIDWrapper&operator=(SIDWrapper const&);
	93	~SIDWrapper();
	94	/* We could look at doing weird typcast overloads here,
	95	but manual access is easier for now
	96	*/
	97	PSID &theSID();
	98	PSID const &theSID() const;
	99	private:
	100	PSID value;
	101	};
	102
	103	SIDWrapper::SIDWrapper() : value(NULL) {}
	104	SIDWrapper::~SIDWrapper()
	105	{
	106	if (value)
	107	FreeSid (value);
	108	}
	109
	110	PSID &
	111	SIDWrapper::theSID()
	112	{
	113	return value;
	114	}
	115
	116	PSID const &
	117	SIDWrapper::theSID() const
	118	{
	119	return value;
	120	}
	121
	122	class HANDLEWrapper {
	123	public:
	124	HANDLEWrapper();
	125	/* Prevent synthetics. If assignment is needed, we should duphandles, or refcount */
	126	HANDLEWrapper(HANDLEWrapper const &);
	127	HANDLEWrapper&operator=(HANDLEWrapper const &);
	128	~HANDLEWrapper();
	129	HANDLE &theHANDLE();
	130	HANDLE const &theHANDLE() const;
	131	private:
	132	HANDLE value;
	133	};
	134
	135	HANDLEWrapper::HANDLEWrapper() : value (NULL) {}
	136	HANDLEWrapper::~HANDLEWrapper()
	137	{
	138	if (value)
	139	CloseHandle(value);
	140	}
	141
	142	HANDLE &
	143	HANDLEWrapper::theHANDLE()
	144	{
	145	return value;
	146	}
	147
	148	HANDLE const &
	149	HANDLEWrapper::theHANDLE() const
150	{
151	return value;
152	}
153
154	};
155
156	class TokenGroupCollection {
157	public:
158	TokenGroupCollection(DWORD, Setup::HANDLEWrapper &);
159	~TokenGroupCollection();
160	/* prevent synthetics */
161	TokenGroupCollection &operator=(TokenGroupCollection const &);
162	TokenGroupCollection (TokenGroupCollection const &);
163	bool find (Setup::SIDWrapper const &) const;
164	bool populated() const { return populated_;}
165	void populate();
166	private:
167	mutable bool populated_;
168	char *buffer;
169	DWORD bufferSize;
170	Setup::HANDLEWrapper &token;
171	};
172
173	TokenGroupCollection::TokenGroupCollection(DWORD aSize, Setup::HANDLEWrapper &aHandle) : populated_(false), buffer(new char[aSize]), bufferSize(aSize), token(aHandle)
174	{
175	}
176
177	TokenGroupCollection::~TokenGroupCollection()
178	{
179	if (buffer)
180	delete[] buffer;
181	}
182
183	void
184	TokenGroupCollection::populate()
185	{
186	if (!GetTokenInformation (token.theHANDLE(), TokenGroups, buffer, bufferSize, &bufferSize))
187	{
188	log (LOG_TIMESTAMP) << "GetTokenInformation() failed: " <<
189	GetLastError () << endLog;
190	return;
191	}
192	populated_ = true;
193	}
194
195	bool
196	TokenGroupCollection::find (Setup::SIDWrapper const &aSID) const
197	{
198	if (!populated())
199	return false;
200	TOKEN_GROUPS groups = (TOKEN_GROUPS ) buffer;
201	for (DWORD pg = 0; pg < groups->GroupCount; ++pg)
202	if (EqualSid(groups->Groups[pg].Sid, aSID.theSID()))
203	return true;
204	return false;
205	}
206
207	class NTSecurity
208	{
209	public:
210	static void NoteFailedAPI(String const &);
211	NTSecurity();
212	~NTSecurity();
213	/* prevent synthetics */
214	NTSecurity &operator=(NTSecurity const&);
215	NTSecurity(NTSecurity const &);
216
217	void setDefaultSecurity();
218	private:
219	void failed(bool const &);
220	bool const &failed() const;
221	void initialiseEveryOneSID();
222	void setDefaultDACL ();
223	Setup::SIDWrapper everyOneSID, administratorsSID, usid;
224	Setup::HANDLEWrapper token;
225	bool failed_;
c59b8da6 MB	226	struct {
	227	PSID psid;
	228	char buf[MAX_SID_LEN];
	229	} osid;
	230	DWORD size;
e46e15bf RC	231	};
	232
	233	void
	234	set_default_sec()
	235	{
	236	NTSecurity worker;
	237	worker.setDefaultSecurity();
	238	}
	239
	240	void
	241	NTSecurity::NoteFailedAPI(String const &api)
	242	{
	243	log (LOG_TIMESTAMP) << api << "() failed: " << GetLastError () << endLog;
	244	}
	245
	246	NTSecurity::NTSecurity() : everyOneSID (), administratorsSID(), usid(), token(), failed_(false)
	247	{}
	248
	249	NTSecurity::~NTSecurity()
	250	{
	251	}
	252
	253	void
	254	NTSecurity::failed(bool const &aBool)
	255	{
	256	failed_ = aBool;
	257	}
	258
	259	bool const &
	260	NTSecurity::failed() const
	261	{
	262	return failed_;
	263	}
	264
acbae401	265	void
e46e15bf RC	266	NTSecurity::initialiseEveryOneSID()
	267	{
	268	SID_IDENTIFIER_AUTHORITY sid_auth = { SECURITY_WORLD_SID_AUTHORITY };
	269	if (!AllocateAndInitializeSid (&sid_auth, 1, 0, 0, 0, 0, 0, 0, 0, 0, &everyOneSID.theSID()))
	270	{
	271	NoteFailedAPI ("AllocateAndInitializeSid");
	272	failed(true);
	273	}
	274	}
	275
	276	void
	277	NTSecurity::setDefaultDACL ()
acbae401 CV	278	{
acbae401 CV	279	/* To assure that the created files have a useful ACL, the
b24c88b3 RC	280	default DACL in the process token is set to full access to
	281	everyone. This applies to files and subdirectories created
	282	in directories which don't propagate permissions to child
adaa168a MB	283	objects.
	284	To assure that the files group is meaningful, a token primary
	285	group of None is changed to Users or Administrators. */
acbae401	286
e46e15bf RC	287	initialiseEveryOneSID();
	288	if (failed())
	289	return;
	290
acbae401 CV	291	/* Create a buffer which has enough room to contain the TOKEN_DEFAULT_DACL
acbae401 CV	292	structure plus an ACL with one ACE. */
e46e15bf RC	293	size_t bufferSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE)
	294	+ GetLengthSid(everyOneSID.theSID()) - sizeof(DWORD);
	295
	296	std::auto_ptr<char> buf (new char[bufferSize]);
acbae401 CV	297
acbae401 CV	298	/* First initialize the TOKEN_DEFAULT_DACL structure. */
e46e15bf	299	PACL dacl = (PACL)buf.get();
acbae401 CV	300
acbae401 CV	301	/* Initialize the ACL for containing one ACE. */
e46e15bf	302	if (!InitializeAcl (dacl, bufferSize, ACL_REVISION))
acbae401	303	{
e46e15bf RC	304	NoteFailedAPI ("InitializeAcl");
e46e15bf RC	305	failed(true);
acbae401 CV	306	return;
	307	}
	308
acbae401	309	/* Create the ACE which grants full access to "Everyone" and store it
e46e15bf	310	in dacl. */
b24c88b3	311	if (!AddAccessAllowedAce
e46e15bf	312	(dacl, ACL_REVISION, GENERIC_ALL, everyOneSID.theSID()))
acbae401	313	{
e46e15bf RC	314	NoteFailedAPI ("AddAccessAllowedAce");
	315	failed(true);
	316	return;
acbae401 CV	317	}
	318
	319	/* Get the processes access token. */
acbae401	320	if (!OpenProcessToken (GetCurrentProcess (),
e46e15bf	321	TOKEN_READ \| TOKEN_ADJUST_DEFAULT, &token.theHANDLE()))
acbae401	322	{
e46e15bf RC	323	NoteFailedAPI ("OpenProcessToken");
	324	failed(true);
	325	return;
acbae401 CV	326	}
	327
	328	/* Set the default DACL to the above computed ACL. */
e46e15bf RC	329	if (!SetTokenInformation (token.theHANDLE(), TokenDefaultDacl, &dacl, bufferSize))
	330	{
	331	NoteFailedAPI ("SetTokenInformation");
	332	failed(true);
	333	}
	334	}
acbae401	335
e46e15bf RC	336	void
	337	NTSecurity::setDefaultSecurity ()
	338	{
adaa168a	339
e46e15bf RC	340	setDefaultDACL();
	341	if (failed())
	342	return;
	343
c59b8da6 MB	344	/* Get the user */
	345	if (!GetTokenInformation (token.theHANDLE(), TokenUser, &osid,
	346	sizeof osid, &size))
adaa168a	347	{
c59b8da6	348	NoteFailedAPI("GetTokenInformation");
e46e15bf	349	return;
adaa168a	350	}
c59b8da6 MB	351	/* Make it the owner */
	352	if (!SetTokenInformation (token.theHANDLE(), TokenOwner, &osid,
	353	sizeof osid))
adaa168a	354	{
c59b8da6	355	NoteFailedAPI("SetTokenInformation");
e46e15bf	356	return;
adaa168a	357	}
e46e15bf RC	358
	359	SID_IDENTIFIER_AUTHORITY sid_auth;
	360	sid_auth = (SID_IDENTIFIER_AUTHORITY) { SECURITY_NT_AUTHORITY };
	361	/* Get the SID for "Administrators" S-1-5-32-544 */
	362	if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID,
	363	DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &administratorsSID.theSID()))
	364	{
	365	NoteFailedAPI("AllocateAndInitializeSid");
	366	return;
	367	}
	368	/* Get the SID for "Users" S-1-5-32-545 */
	369	if (!AllocateAndInitializeSid (&sid_auth, 2, SECURITY_BUILTIN_DOMAIN_RID,
	370	DOMAIN_ALIAS_RID_USERS, 0, 0, 0, 0, 0, 0, &usid.theSID()))
adaa168a	371	{
e46e15bf RC	372	NoteFailedAPI("AllocateAndInitializeSid");
	373	return;
	374	}
	375	/* Get the token groups */
	376	if (!GetTokenInformation (token.theHANDLE(), TokenGroups, NULL, 0, &size)
adaa168a	377	&& GetLastError () != ERROR_INSUFFICIENT_BUFFER)
e46e15bf RC	378	{
	379	NoteFailedAPI("GetTokenInformation");
	380	return;
adaa168a	381	}
e46e15bf RC	382	TokenGroupCollection ntGroups(size, token);
	383	ntGroups.populate();
	384	if (!ntGroups.populated())
	385	return;
	386	/* Set the default group to one of the above computed SID. */
	387	PSID nsid = NULL;
	388	if (ntGroups.find (usid))
	389	{
	390	nsid = usid.theSID();
	391	log(LOG_TIMESTAMP) << "Changing gid to Users" << endLog;
	392	}
	393	else if (ntGroups.find (administratorsSID))
	394	{
	395	nsid = administratorsSID.theSID();
	396	log(LOG_TIMESTAMP) << "Changing gid to Administrators" << endLog;
	397	}
	398	if (nsid && !SetTokenInformation (token.theHANDLE(), TokenPrimaryGroup, &nsid, sizeof nsid))
	399	NoteFailedAPI ("SetTokenInformation");
acbae401 CV	400	}
acbae401 CV	401
ab57ceaa RC	402	// Other threads talk to this page, so we need to have it externable.
	403	ThreeBarProgressPage Progress;
	404
9f4a0c62 RC	405	// This is a little ugly, but the decision about where to log occurs
	406	// after the source is set AND the root mount obtained
	407	// so we make the actual logger available to the appropriate routine(s).
a55c8f45	408	LogFile *theLog;
9f4a0c62	409
45e01f23	410	#ifndef __CYGWIN__
23c9e63c	411	int WINAPI
1fd6d0a2	412	WinMain (HINSTANCE h,
b24c88b3	413	HINSTANCE hPrevInstance, LPSTR command_line, int cmd_show)
23c9e63c	414	{
8bb9dad9	415
23c9e63c	416	hinstance = h;
45e01f23 RC	417	#else
	418	int
	419	main (int argc, char **argv)
	420	{
	421	hinstance = GetModuleHandle (NULL);
	422	#endif
23c9e63c	423
072fb49a	424	try {
4875ac88 MB	425	char *cwd=new char[MAX_PATH];
4875ac88 MB	426	GetCurrentDirectory (MAX_PATH, cwd);
072fb49a MB	427	local_dir = String (cwd);
	428	delete cwd;
	429
c66b9174 MB	430	// TODO: make an equivalent for __argv under cygwin.
	431	char **_argv;
	432	#ifndef __CYGWIN__
	433	int argc;
	434	for (argc = 0, _argv = __argv; *_argv; _argv++)++argc;
	435	_argv = __argv;
	436	#else
	437	_argv = argv;
	438	#endif
	439
	440	if (!GetOption::GetInstance().Process (argc,_argv, NULL))
2c4261a8	441	exit(1);
c66b9174	442
072fb49a MB	443	LogSingleton::SetInstance (*(theLog = LogFile::createLogFile()));
	444	theLog->setFile (LOG_BABBLE, local_dir + "/setup.log.full", false);
	445	theLog->setFile (0, local_dir + "/setup.log", true);
	446
2b734ec7	447	log (LOG_PLAIN) << "Starting cygwin install, version " << setup_version << endLog;
072fb49a	448
069a187a MB	449	// Ensure files created by postinstall and preremove scripts
069a187a MB	450	// get sane permissions.
96f50f64 BD	451	if (putenv ("CYGWIN=nontsec") != 0)
	452	log (LOG_PLAIN) << "Failed to set CYGWIN=nontsec (errno " << errno
	453	<< ": " << strerror(errno) << ")" << endLog;
069a187a	454
072fb49a MB	455	UserSettings::Instance().loadAllSettings();
	456
	457	SplashPage Splash;
	458	AntiVirusPage AntiVirus;
	459	SourcePage Source;
	460	RootPage Root;
	461	LocalDirPage LocalDir;
	462	NetPage Net;
	463	SitePage Site;
	464	ChooserPage Chooser;
82306ac2	465	PrereqPage Prereq;
072fb49a MB	466	DesktopSetupPage Desktop;
	467	PropSheet MainWindow;
	468
	469	log (LOG_TIMESTAMP) << "Current Directory: " << local_dir << endLog;
	470
072fb49a MB	471	if (HelpOption)
	472	{
	473	GetOption::GetInstance().ParameterUsage(log(LOG_PLAIN)<<"\nCommand Line Options:\n");
	474	theLog->exit(0);
	475	}
b24c88b3	476
072fb49a MB	477	unattended_mode = UnattendedOption;
	478
	479	/* Set the default DACL and Group only on NT/W2K. 9x/ME has
	480	no idea of access control lists and security at all. */
4875ac88	481	if (IsWindowsNT())
072fb49a MB	482	set_default_sec ();
	483
	484	// Initialize common controls
	485	InitCommonControls ();
	486
	487	// Init window class lib
	488	Window::SetAppInstance (hinstance);
	489
	490	// Create pages
	491	Splash.Create ();
	492	AntiVirus.Create ();
	493	Source.Create ();
	494	Root.Create ();
	495	LocalDir.Create ();
	496	Net.Create ();
	497	Site.Create ();
	498	Chooser.Create ();
82306ac2	499	Prereq.Create ();
072fb49a MB	500	Progress.Create ();
	501	Desktop.Create ();
	502
	503	// Add pages to sheet
	504	MainWindow.AddPage (&Splash);
	505	MainWindow.AddPage (&AntiVirus);
	506	MainWindow.AddPage (&Source);
	507	MainWindow.AddPage (&Root);
	508	MainWindow.AddPage (&LocalDir);
	509	MainWindow.AddPage (&Net);
	510	MainWindow.AddPage (&Site);
	511	MainWindow.AddPage (&Chooser);
82306ac2	512	MainWindow.AddPage (&Prereq);
072fb49a MB	513	MainWindow.AddPage (&Progress);
	514	MainWindow.AddPage (&Desktop);
	515
	516	// Create the PropSheet main window
	517	MainWindow.Create ();
	518
	519	// Clean exit.. save user options.
	520	UserSettings::Instance().saveAllSettings();
	521
	522	theLog->exit (0);
c9feb168	523	}
072fb49a	524	TOPLEVEL_CATCH("main");
c9feb168	525
072fb49a	526	// Never reached
b24c88b3	527	return 0;
23c9e63c	528	}