Handle running without administrator privileges.

[nssm.git] / nssm.cpp

diff --git a/nssm.cpp b/nssm.cpp
index f412579..7a73114 100644 (file)
--- a/nssm.cpp
+++ b/nssm.cpp
@@ -1,5 +1,8 @@
 #include "nssm.h"\r
 \r
+extern unsigned long tls_index;\r
+extern bool is_admin;\r
+\r
 /* String function */\r
 int str_equiv(const char *a, const char *b) {\r
   int i;\r
@@ -25,29 +28,55 @@ int usage(int ret) {
   return(ret);\r
 }\r
 \r
+void check_admin() {\r
+  is_admin = false;\r
+\r
+  /* Lifted from MSDN examples */\r
+  PSID AdministratorsGroup;\r
+  SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;\r
+  if (! AllocateAndInitializeSid(&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &AdministratorsGroup)) return;\r
+  CheckTokenMembership(0, AdministratorsGroup, /*XXX*/(PBOOL) &is_admin);\r
+  FreeSid(AdministratorsGroup);\r
+}\r
+\r
 int main(int argc, char **argv) {\r
-  /* Require an argument since users may try to run nssm directly */\r
-  if (argc == 1) exit(usage(1));\r
+  /* Remember if we are admin */\r
+  check_admin();\r
 \r
-  /* Valid commands are install or remove */\r
-  if (str_equiv(argv[1], "install")) {\r
-    exit(pre_install_service(argc - 2, argv + 2));\r
-  }\r
-  if (str_equiv(argv[1], "remove")) {\r
-    exit(pre_remove_service(argc - 2, argv + 2));\r
+  /* Elevate */\r
+  if (argc > 1) {\r
+    if (str_equiv(argv[1], "install") || str_equiv(argv[1], "remove")) {\r
+      if (! is_admin) {\r
+        fprintf(stderr, "Administrator access is needed to %s a service.\n", argv[1]);\r
+        exit(100);\r
+      }\r
+    }\r
+\r
+    /* Valid commands are install or remove */\r
+    if (str_equiv(argv[1], "install")) {\r
+      exit(pre_install_service(argc - 2, argv + 2));\r
+    }\r
+    if (str_equiv(argv[1], "remove")) {\r
+      exit(pre_remove_service(argc - 2, argv + 2));\r
+    }\r
   }\r
-  /* Undocumented: "run" is used to actually do service stuff */\r
-  if (! str_equiv(argv[1], NSSM_RUN)) exit(usage(2));\r
+\r
+  /* Thread local storage for error message buffer */\r
+  tls_index = TlsAlloc();\r
+\r
+  /* Register messages */\r
+  if (is_admin) create_messages();\r
 \r
   /* Start service magic */\r
   SERVICE_TABLE_ENTRY table[] = { { NSSM, service_main }, { 0, 0 } };\r
   if (! StartServiceCtrlDispatcher(table)) {\r
-    char *message = error_string(GetLastError());\r
-    eventprintf(EVENTLOG_ERROR_TYPE, "StartServiceCtrlDispatcher() failed: %s", message);\r
-    if (message) LocalFree(message);\r
-    return 100;\r
+    unsigned long error = GetLastError();\r
+    /* User probably ran nssm with no argument */\r
+    if (error == ERROR_FAILED_SERVICE_CONTROLLER_CONNECT) exit(usage(1));\r
+    log_event(EVENTLOG_ERROR_TYPE, NSSM_EVENT_DISPATCHER_FAILED, error_string(error), 0);\r
+    exit(100);\r
   }\r
 \r
   /* And nothing more to do */\r
-  return 0;\r
+  exit(0);\r
 }\r