v04i035: getprivs.pas (VMS Pascal)

[terrell at musky2.MUSKINGUM.EDU]

Posting-number: Volume 4, Issue 35
Submitted-by: "A. Nonymous" <terrell at musky2.MUSKINGUM.EDU>
Archive-name: getprivs.vms

[Note:  this is a VMS DCL shar file, but not the fancy kind.  ++bsa]

This program was written because we needed a quick way to find out
what users had a certain privilege.  You just tell the program what
privilege(s) you are interested in, and it will tell you who has
them.  Note that you have to have certain privileges to run this program.

This was written in VAX Pascal, version 3.6 under VMS version 4.7 .

Roger Terrell
...!musky2!terrell

=====Cut Here=====Cut Here=====Cut Here=====Cut Here=====Cut Here=====
$! This is a DCL shar-type archive created by Unix dclshar.
$!
$CREATE GETPRIVS.PAS
$DECK

[INHERIT ('SYS$LIBRARY:STARLET')]
PROGRAM Get_Privileges (INPUT, OUTPUT, OutFile);

(*
   Written by Roger W. Terrell
   24-AUG-1988

   This program takes as input a list of privileges and produces as output
   an alphabetical list of the users who have those privileges.
*)

CONST
  %INCLUDE 'SYS$LIBRARY:PASSTATUS.PAS'


TYPE
  PrivType = (CMKRNL,CMEXEC,SYSNAM,GRPNAM,ALLSPOOL,DETACH,DIAGNOSE,LOG_IO,
              GROUP,ACNT,PRMCEB,PRMMBX,PSWAPM,ALTPRI,SETPRV,TMPMBX,WORLD,
              MOUNT,OPER,EXQUOTA,NETMBX,VOLPRO,PHY_IO,BUGCHK,PRMGBL,SYSGBL,
              PFNMAP,SHMEM,SYSPRV,BYPASS,SYSLCK,SHARE,UPGRADE,DOWNGRADE,
              GRPPRV,READALL,SECURITY);

  PrivArray = [QUAD] PACKED ARRAY [CMKRNL..SECURITY] OF BOOLEAN;

  Item_List_3 = PACKED ARRAY [1..3] OF PACKED RECORD
                                       CASE INTEGER OF
                                         1 : (FIELD1 : [WORD] 0..65535;
                                              FIELD2 : [WORD] 0..65535;
                                              FIELD3 : UNSIGNED;
                                              FIELD4 : UNSIGNED );
                                         2 : (TERMINATOR : UNSIGNED);
                                       END;


  String12 = PACKED ARRAY [1..12] OF CHAR;


VAR
  Privilege  : PrivType;
  PrivCount  : PrivType;

  DefPrivs   : [VOLATILE] PrivArray;
  AuthPrivs  : [VOLATILE] PrivArray;
  Privs      : PrivArray;

  Identifier : String12;

  ID_Context : UNSIGNED;
  ID_Status  : UNSIGNED;
  UAI_Stat   : UNSIGNED;

  InfoList   : Item_List_3;

  DefLength  : [VOLATILE] INTEGER;
  AuthLength : [VOLATILE] INTEGER;

  NameOut    : BOOLEAN;       
  ErrorOut   : BOOLEAN;

  OutFile    : TEXT;

  OutName    : PACKED ARRAY [1..32] OF CHAR;
 

BEGIN
  ErrorOut := FALSE;

  WRITELN ('Enter privilege(s) to check for.  Separate mulitiple');
  WRITELN ('privileges with a single space.');
  WRITE ('> ');

  FOR Privilege := CMKRNL TO SECURITY DO
    Privs[Privilege] := FALSE;

  REPEAT
    READ (Privilege, ERROR := CONTINUE);

    IF STATUS(INPUT) = PAS$K_SUCCESS THEN
      Privs[Privilege] := TRUE
    ELSE
      ErrorOut := TRUE;

  UNTIL EOLN(INPUT) OR ErrorOut;

  READLN;


  IF NOT ErrorOut THEN
    BEGIN
      WRITELN;
      WRITE ('Enter file to write to [ TT: ]: ');
      READLN (OutName);

      WRITELN ('Working...');
      WRITELN; WRITELN;

      IF OutName = '' THEN
        OutName := 'TT:';

      OPEN (OutFile, OutName);
      REWRITE (OutFile);

      WRITELN (OutFile, 'Privileges that are DEFAULT but not AUTHORIZED');
      WRITELN (OutFile, 'are marked with an asterisk.');
      WRITELN (OutFile);

      ID_Context := 0;
 
      InfoList[1].FIELD1 := 64;
      InfoList[1].FIELD2 := UAI$_DEF_PRIV;
      InfoList[1].FIELD3 := (ADDRESS(DefPrivs))::UNSIGNED;
      InfoList[1].FIELD4 := (ADDRESS(DefLength))::UNSIGNED;
 
      InfoList[2].FIELD1 := 64;
      InfoList[2].FIELD2 := UAI$_PRIV;
      InfoList[2].FIELD3 := (ADDRESS(AuthPrivs))::UNSIGNED;
      InfoList[2].FIELD4 := (ADDRESS(AuthLength))::UNSIGNED;
 
      InfoList[3].Terminator := 0;

      ID_Status := SS$_NORMAL;

      WHILE ID_Status <> SS$_NOSUCHID DO
        BEGIN
          ID_Status := $IDTOASC (-1, NAMBUF := Identifier, CONTXT := ID_Context);
          UAI_Stat := $GETUAI (USRNAM := Identifier, ITMLST := InfoList);

          IF UAI_STAT = SS$_NORMAL THEN
            BEGIN
              NameOut := FALSE;
        
              FOR PrivCount := CMKRNL TO SECURITY DO
                IF (Privs[PrivCount] AND AuthPrivs[PrivCount]) OR 
                   (Privs[PrivCount] AND DefPrivs[PrivCount]) THEN
                  BEGIN
      
                    IF NOT NameOut THEN
                      BEGIN
                        WRITE (OutFile, Identifier, '   ');
                        NameOut := TRUE;
                      END; (* IF *)
        
                    WRITE (OutFile, PrivCount);
         
                    IF (DefPrivs[PrivCount] AND (NOT AuthPrivs[PrivCount])) THEN
                      WRITE (OutFile, '* ')
                    ELSE
                      WRITE (OutFile, ' ');
        
                  END; (* IF *)
        
              IF NameOut THEN
                WRITELN (OutFile);
        
            END; (* IF *)

        END; (* WHILE *)

    END (* IF *)
  ELSE
    WRITELN ('Error reading Privilege(s).  Program ends.');

END.
$EOD