sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

s3-privs Make privilege_enum_sids() take an LUID, not a bitmap

Browse Source 
This moves one more privileges call away from direct bitmap manipuation.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
This commit is contained in:
Andrew Bartlett 2010-08-30 14:17:02 +10:00
parent 71832a404e
commit 4080ff7af5
4 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source3/include/proto.h
View File

@ -635,7 +635,7 @@ void pidfile_unlink(void);
bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int scount);
NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids);
NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
NTSTATUS privilege_enum_sids(enum sec_privilege privilege, TALLOC_CTX *mem_ctx,
struct dom_sid **sids, int *num_sids);
bool grant_privilege(const struct dom_sid *sid, const uint64_t priv_mask);
bool grant_privilege_by_name(struct dom_sid *sid, const char *name);

4
source3/lib/privileges.c
View File

@ -251,7 +251,7 @@ NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids)
Retrieve list of SIDs granted a particular privilege
*********************************************************************/
NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
NTSTATUS privilege_enum_sids(enum sec_privilege privilege, TALLOC_CTX *mem_ctx,
struct dom_sid **sids, int *num_sids)
{
struct db_context *db = get_account_pol_db();
@ -263,7 +263,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
ZERO_STRUCT(priv);
priv.privilege = *mask;
priv.privilege = sec_privilege_mask(privilege);
priv.mem_ctx = mem_ctx;
db->traverse_read(db, priv_traverse_fn, &priv);

7
source3/rpc_server/srv_lsa_nt.c
View File

@ -2440,7 +2440,7 @@ NTSTATUS _lsa_EnumAccountsWithUserRight(struct pipes_struct *p,
struct dom_sid *sids = NULL;
int num_sids = 0;
uint32_t i;
uint64_t mask;
enum sec_privilege privilege;
if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
return NT_STATUS_INVALID_HANDLE;
@ -2458,11 +2458,12 @@ NTSTATUS _lsa_EnumAccountsWithUserRight(struct pipes_struct *p,
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
if (!se_priv_from_name(r->in.name->string, &mask)) {
privilege = sec_privilege_id(r->in.name->string);
if (privilege == SEC_PRIV_INVALID) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
status = privilege_enum_sids(&mask, p->mem_ctx,
status = privilege_enum_sids(privilege, p->mem_ctx,
&sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
return status;

8
source3/utils/net_sam.c
View File

@ -634,7 +634,7 @@ static int net_sam_policy(struct net_context *c, int argc, const char **argv)
static int net_sam_rights_list(struct net_context *c, int argc,
const char **argv)
{
uint64_t mask;
enum sec_privilege privilege;
if (argc > 1 || c->display_usage) {
d_fprintf(stderr, "%s\n%s",
@ -653,12 +653,14 @@ static int net_sam_rights_list(struct net_context *c, int argc,
return 0;
}
if (se_priv_from_name(argv[0], &mask)) {
privilege = sec_privilege_id(argv[0]);
if (privilege != SEC_PRIV_INVALID) {
struct dom_sid *sids;
int i, num_sids;
NTSTATUS status;
status = privilege_enum_sids(&mask, talloc_tos(),
status = privilege_enum_sids(privilege, talloc_tos(),
&sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not list rights: %s\n"),