ConvertStringSidToSidA(“S-1-22-1-1”, &sid) 失败,Unix_User+1 的 sid 无效

ConvertStringSidToSidA("S-1-22-1-1", &sid) fails with invalid sid for Unix_User+1

提问人:Cedric Blancher 提问时间:10/3/2023 最后编辑:Remy LebeauCedric Blancher 更新时间:11/17/2023 访问量:44

问:

我尝试了一个简单的三行hello world程序,它试图获取Unix_User+1的SID:

bash -c 'getent passwd "Unix_User+1"'
Unix_User+1:*:4278190081:4278190081:U-Unix_User\1,S-1-22-1-1:/:/sbin/nologin

但是在 Cygwin 上,用 ConvertStringSidToSidA() 转换 "S-1-22-1-1" 失败了,返回 ERROR_INVALID_SID:

ConvertStringSidToSidA("S-1-22-1-1", &sid)

为什么?我以为 "S-1-22-1-*" 已被 SMB 保留使用,而且 Cygwin 在 ls -l 的输出中使用 Unix_User+1。

我怎样才能让 ConvertStringSidToSidA() 在我的程序中正常工作?

winapi cygwin samba smb sid

评论

0赞 Adrian Mole 10/4/2023
对CygWin了解不多,但是在我的Windows 10笔记本电脑上,在Visual Studio(MSVC)的简单控制台程序中进行调用会返回“成功”。

答:

1赞 Roland Mainz 11/16/2023 #1

我在我们的代码库(https://github.com/kofemann/ms-nfs41-client/blob/master/daemon/acl.c)中解决了这个问题,如下所示:

/*
 * Allocate a SID from SECURITY_SAMBA_UNIX_AUTHORITY, which encodes a
 * UNIX/POSIX uid or gid directly into a SID.
 *
 * Examples:
 * UID 1616 gets mapped to "Unix_User+1616", encoding the UID into the
 * SID as "S-1-22-1-1616":
 * $ getent passwd Unix_User+1616
 * Unix_User+1616:*:4278191696:4278191696:U-Unix_User\1616,S-1-22-1-1616:/:/sbin/nologin
 *
 * GID 1984 gets mapped to "Unix_Group+1984", encoding the GID into the
 * SID as "S-1-22-2-1984":
 * $ getent group Unix_Group+1984
 * Unix_Group+1984:S-1-22-2-1984:4278192064:
 *
 */

/*
 * Six-byte SID identifier authority with the value 22, i.e. the
 * "S-1-22-..." prefix of the Unix_User+<uid> / Unix_Group+<gid> SIDs.
 */
#define SECURITY_SAMBA_UNIX_AUTHORITY { { 0,0,0,0,0,22 } }
/*
 * Authority instance handed to |AllocateAndInitializeSid()| by
 * |allocate_unixuser_sid()| and |allocate_unixgroup_sid()|.
 * NOTE(review): this is a writable global with external linkage; if no
 * other translation unit references it, |static| would keep it private -
 * confirm against the rest of the codebase.
 */
SID_IDENTIFIER_AUTHORITY sid_id_auth = SECURITY_SAMBA_UNIX_AUTHORITY;

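/*
 * Build the SID "S-1-22-1-<uid>" (Unix_User+<uid>) in |malloc()| memory.
 *
 * uid:  UNIX/POSIX uid to encode as the second sub-authority.
 * pSid: receives the new SID on success; untouched on failure.
 *       The buffer comes from |malloc()|, so it must be released with
 *       |free()| and not with |FreeSid()|.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the
 * thread's last-error value to the code of the step that failed.
 */
static
BOOL allocate_unixuser_sid(unsigned long uid, PSID *pSid)
{
    PSID sid = NULL;
    PSID malloced_sid = NULL;
    DWORD sid_len;
    DWORD status = ERROR_SUCCESS;

    /*
     * A SID sub-authority is a 32bit |DWORD|. Where |unsigned long| is
     * wider (LP64, e.g. Cygwin), refuse a uid that does not fit: the
     * cast below would otherwise silently truncate it and hand out the
     * SID of a different user.
     */
    if ((unsigned long)(DWORD)uid != uid) {
        status = ERROR_INVALID_PARAMETER;
        goto out_fail;
    }

    if (!AllocateAndInitializeSid(&sid_id_auth, 2, 1, (DWORD)uid,
        0, 0, 0, 0, 0, 0, &sid)) {
        status = GetLastError();
        goto out_fail;
    }

    sid_len = GetLengthSid(sid);

    /*
     * |AllocateAndInitializeSid()| has an own memory
     * allocator, but we need the sid in memory from
     * |malloc()|
     */
    malloced_sid = malloc(sid_len);
    if (malloced_sid == NULL) {
        /* |malloc()| does not set the Win32 last-error value */
        status = ERROR_NOT_ENOUGH_MEMORY;
        goto out_fail;
    }

    if (!CopySid(sid_len, malloced_sid, sid)) {
        status = GetLastError();
        goto out_fail;
    }

    FreeSid(sid);
    *pSid = malloced_sid;
    dprintf(ACLLVL, "allocate_unixuser_sid(): Allocated "
        "Unix_User+%lu: success, len=%ld\n",
        uid, (long)sid_len);
    return TRUE;

out_fail:
    /*
     * |status| was captured at the point of failure, so the cleanup
     * calls below cannot overwrite the code we report.
     */
    if (sid != NULL) {
        FreeSid(sid);
    }
    free(malloced_sid);
    dprintf(ACLLVL, "allocate_unixuser_sid(): Failed to allocate "
        "SID for Unix_User+%lu: error code %d\n",
        uid, (int)status);
    SetLastError(status);
    return FALSE;
}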

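/*
 * Build the SID "S-1-22-2-<gid>" (Unix_Group+<gid>) in |malloc()| memory.
 *
 * gid:  UNIX/POSIX gid to encode as the second sub-authority.
 * pSid: receives the new SID on success; untouched on failure.
 *       The buffer comes from |malloc()|, so it must be released with
 *       |free()| and not with |FreeSid()|.
 *
 * Returns TRUE on success. On failure returns FALSE and sets the
 * thread's last-error value to the code of the step that failed.
 */
static
BOOL allocate_unixgroup_sid(unsigned long gid, PSID *pSid)
{
    PSID sid = NULL;
    PSID malloced_sid = NULL;
    DWORD sid_len;
    DWORD status = ERROR_SUCCESS;

    /*
     * A SID sub-authority is a 32bit |DWORD|. Where |unsigned long| is
     * wider (LP64, e.g. Cygwin), refuse a gid that does not fit: the
     * cast below would otherwise silently truncate it and hand out the
     * SID of a different group.
     */
    if ((unsigned long)(DWORD)gid != gid) {
        status = ERROR_INVALID_PARAMETER;
        goto out_fail;
    }

    if (!AllocateAndInitializeSid(&sid_id_auth, 2, 2, (DWORD)gid,
        0, 0, 0, 0, 0, 0, &sid)) {
        status = GetLastError();
        goto out_fail;
    }

    sid_len = GetLengthSid(sid);

    /*
     * |AllocateAndInitializeSid()| has an own memory
     * allocator, but we need the sid in memory from
     * |malloc()|
     */
    malloced_sid = malloc(sid_len);
    if (malloced_sid == NULL) {
        /* |malloc()| does not set the Win32 last-error value */
        status = ERROR_NOT_ENOUGH_MEMORY;
        goto out_fail;
    }

    if (!CopySid(sid_len, malloced_sid, sid)) {
        status = GetLastError();
        goto out_fail;
    }

    FreeSid(sid);
    *pSid = malloced_sid;
    dprintf(ACLLVL, "allocate_unixgroup_sid(): Allocated "
        "Unix_Group+%lu: success, len=%ld\n",
        gid, (long)sid_len);
    return TRUE;

out_fail:
    /*
     * |status| was captured at the point of failure, so the cleanup
     * calls below cannot overwrite the code we report.
     */
    if (sid != NULL) {
        FreeSid(sid);
    }
    free(malloced_sid);
    dprintf(ACLLVL, "allocate_unixgroup_sid(): Failed to allocate "
        "SID for Unix_Group+%lu: error code %d\n",
        gid, (int)status);
    SetLastError(status);
    return FALSE;
}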