terrell@musky2.MUSKINGUM.EDU (08/25/88)
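Posting-number: Volume 4, Issue 35
Submitted-by: "A. Nonymous" <terrell@musky2.MUSKINGUM.EDU>
Archive-name: getprivs.vms

[Note: this is a VMS DCL shar file, but not the fancy kind.  ++bsa]

This program was written because we needed a quick way to find out what
users had a certain privilege.  You just tell the program what privilege(s)
you are interested in, and it will tell you who has them.  Note that you
have to have certain privileges to run this program.

This was written in VAX Pascal, version 3.6 under VMS version 4.7 .

Roger Terrell
...!musky2!terrell

=====Cut Here=====Cut Here=====Cut Here=====Cut Here=====Cut Here=====
$! This is a DCL shar-type archive created by Unix dclshar.
$!
$CREATE GETPRIVS.PAS
$DECK
[INHERIT ('SYS$LIBRARY:STARLET')]
PROGRAM Get_Privileges (INPUT, OUTPUT, OutFile);

(*  Written by Roger W. Terrell  24-AUG-1988

    This program takes as input a list of privileges and produces as output
    an alphabetical list of the users who have those privileges.

    How it works: every name returned by a wildcard $IDTOASC scan of the
    rights database is looked up with $GETUAI.  Names for which $GETUAI
    does not return SS$_NORMAL are skipped.  For the others, the default
    and authorized privilege masks are compared with the requested set.

    Audit notes:
      - A privilege that is in the DEFAULT mask but not in the AUTHORIZED
        mask is flagged with an asterisk in the report.
      - The report names the accounts that hold the requested privileges,
        so write it to a location whose file protection restricts who can
        read it.
*)

CONST
   %INCLUDE 'SYS$LIBRARY:PASSTATUS.PAS'

TYPE
   (* One enumeration value per privilege; the order must match the bit
      order of the quadword privilege mask, since PrivArray overlays it. *)
   PrivType    = (CMKRNL,CMEXEC,SYSNAM,GRPNAM,ALLSPOOL,DETACH,DIAGNOSE,LOG_IO,
                  GROUP,ACNT,PRMCEB,PRMMBX,PSWAPM,ALTPRI,SETPRV,TMPMBX,WORLD,
                  MOUNT,OPER,EXQUOTA,NETMBX,VOLPRO,PHY_IO,BUGCHK,PRMGBL,SYSGBL,
                  PFNMAP,SHMEM,SYSPRV,BYPASS,SYSLCK,SHARE,UPGRADE,DOWNGRADE,
                  GRPPRV,READALL,SECURITY);

   (* Quadword (8-byte) bit mask, one BOOLEAN per privilege. *)
   PrivArray   = [QUAD] PACKED ARRAY [CMKRNL..SECURITY] OF BOOLEAN;

   (* Item list handed to $GETUAI: two request entries and a terminator.
      FIELD1 = buffer length in bytes, FIELD2 = item code,
      FIELD3 = buffer address, FIELD4 = return-length address. *)
   Item_List_3 = PACKED ARRAY [1..3] OF PACKED RECORD
                    CASE INTEGER OF
                       1 : (FIELD1 : [WORD] 0..65535;
                            FIELD2 : [WORD] 0..65535;
                            FIELD3 : UNSIGNED;
                            FIELD4 : UNSIGNED );
                       2 : (TERMINATOR : UNSIGNED);
                 END;

   String12    = PACKED ARRAY [1..12] OF CHAR;

VAR
   Privilege   : PrivType;                (* privilege name just read     *)
   PrivCount   : PrivType;                (* loop index over privileges   *)
   DefPrivs    : [VOLATILE] PrivArray;    (* filled in by $GETUAI         *)
   AuthPrivs   : [VOLATILE] PrivArray;    (* filled in by $GETUAI         *)
   Privs       : PrivArray;               (* privileges the user asked for *)
   Identifier  : String12;                (* name returned by $IDTOASC    *)
   ID_Context  : UNSIGNED;                (* $IDTOASC search context      *)
   ID_Status   : UNSIGNED;
   UAI_Stat    : UNSIGNED;
   InfoList    : Item_List_3;
   DefLength   : [VOLATILE] INTEGER;      (* return length, default mask  *)
   AuthLength  : [VOLATILE] INTEGER;      (* return length, auth. mask    *)
   NameOut     : BOOLEAN;                 (* name already written on line *)
   ErrorOut    : BOOLEAN;                 (* bad privilege name was typed *)
   OutFile     : TEXT;
   OutName     : PACKED ARRAY [1..32] OF CHAR;

BEGIN
   ErrorOut := FALSE;
   WRITELN ('Enter privilege(s) to check for. Separate mulitiple');
   WRITELN ('privileges with a single space.');
   WRITE ('> ');

   (* Start from an empty request mask. *)
   FOR Privilege := CMKRNL TO SECURITY DO
      Privs[Privilege] := FALSE;

   (* Read privilege names up to end of line.  ERROR := CONTINUE keeps a
      mistyped name from aborting the program; it is reported below. *)
   REPEAT
      READ (Privilege, ERROR := CONTINUE);
      IF STATUS(INPUT) = PAS$K_SUCCESS THEN
         Privs[Privilege] := TRUE
      ELSE
         ErrorOut := TRUE;
   UNTIL EOLN(INPUT) OR ErrorOut;
   READLN;

   IF NOT ErrorOut THEN
      BEGIN
      WRITELN;
      WRITE ('Enter file to write to [ TT: ]: ');
      READLN (OutName);
      WRITELN ('Working...');
      WRITELN;
      WRITELN;
      IF OutName = '' THEN
         OutName := 'TT:';

      (* The report lists privileged accounts; see the audit notes in the
         program header about where to put it. *)
      OPEN (OutFile, OutName);
      REWRITE (OutFile);
      WRITELN (OutFile, 'Privileges that are DEFAULT but not AUTHORIZED');
      WRITELN (OutFile, 'are marked with an asterisk.');
      WRITELN (OutFile);

      ID_Context := 0;

      (* Item-list buffer lengths are byte counts.  The privilege masks are
         [QUAD] variables, i.e. 8 bytes; the original value of 64 (the bit
         count) declared a buffer eight times larger than the variable
         behind it. *)
      InfoList[1].FIELD1 := 8;
      InfoList[1].FIELD2 := UAI$_DEF_PRIV;
      InfoList[1].FIELD3 := (ADDRESS(DefPrivs))::UNSIGNED;
      InfoList[1].FIELD4 := (ADDRESS(DefLength))::UNSIGNED;
      InfoList[2].FIELD1 := 8;
      InfoList[2].FIELD2 := UAI$_PRIV;
      InfoList[2].FIELD3 := (ADDRESS(AuthPrivs))::UNSIGNED;
      InfoList[2].FIELD4 := (ADDRESS(AuthLength))::UNSIGNED;
      InfoList[3].Terminator := 0;

      (* Walk the rights database.  The loop stops on ANY status other than
         SS$_NORMAL: the original tested only for SS$_NOSUCHID, so a
         persistent error from $IDTOASC would have looped forever, and the
         last name was looked up (and possibly printed) a second time when
         SS$_NOSUCHID finally came back. *)
      REPEAT
         (* NOTE(review): cleared so a short name cannot inherit trailing
            characters from the previous one, in case $IDTOASC does not
            blank-fill the buffer - confirm against the service docs. *)
         Identifier := '            ';
         ID_Status := $IDTOASC (-1, NAMBUF := Identifier, CONTXT := ID_Context);
         IF ID_Status = SS$_NORMAL THEN
            BEGIN
            UAI_Stat := $GETUAI (USRNAM := Identifier, ITMLST := InfoList);
            IF UAI_Stat = SS$_NORMAL THEN
               BEGIN
               NameOut := FALSE;
               FOR PrivCount := CMKRNL TO SECURITY DO
                  IF Privs[PrivCount] AND
                     (AuthPrivs[PrivCount] OR DefPrivs[PrivCount]) THEN
                     BEGIN
                     (* Write the name once, before its first match. *)
                     IF NOT NameOut THEN
                        BEGIN
                        WRITE (OutFile, Identifier, ' ');
                        NameOut := TRUE;
                        END;  (* IF *)
                     WRITE (OutFile, PrivCount);
                     (* Default-but-not-authorized gets the asterisk. *)
                     IF (DefPrivs[PrivCount] AND (NOT AuthPrivs[PrivCount])) THEN
                        WRITE (OutFile, '* ')
                     ELSE
                        WRITE (OutFile, ' ');
                     END;  (* IF *)
               IF NameOut THEN
                  WRITELN (OutFile);
               END;  (* IF *)
            END;  (* IF *)
      UNTIL ID_Status <> SS$_NORMAL;

      (* SS$_NOSUCHID is the normal end of the scan; anything else means
         the report may be missing accounts, so say so instead of ending
         silently. *)
      IF ID_Status <> SS$_NOSUCHID THEN
         WRITELN ('Error reading rights database. List may be incomplete.');
      END  (* IF *)
   ELSE
      WRITELN ('Error reading Privilege(s). Program ends.');
END.
$EOD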