mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
6090601c8b
activation of global registry options in loadparm.c, mainly to
extract functionality from net_conf.c to be made availabel elsewhere
and to minimize linker dependencies.
In detail:
* move functions registry_push/pull_value from lib/util_reg.c to new file
lib/util_reg_api.c
* create a fake user token consisting of builtin administrators sid and
se_disk_operators privilege by hand instead of using get_root_nt_token()
to minimize linker deps for bin/net.
+ new function registry_create_admin_token() in new lib/util_reg_smbconf.c
+ move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c
+ adapt net_conf.c and Makefile.in accordingly.
* split lib/profiles.c into two parts: new file lib/profiles_basic.c
takes all the low level mask manipulation and format conversion functions
(se_priv, privset, luid). the privs array is completely hidden from
profiles.c by adding some access-functions. some mask-functions are not
static anymore.
Generally, SID- and LUID-related stuff that has more dependencies
is kept in lib/profiles.c
* Move initialization of regdb from net_conf.c into a function
registry_init_regdb() in lib/util_reg_smbconf.c.
Michael
(This used to be commit efd3e2bfb7
)
84 lines
2.3 KiB
C
84 lines
2.3 KiB
C
/*
|
|
* Unix SMB/CIFS implementation.
|
|
* Registry helper routines
|
|
* Copyright (C) Michael Adam 2007
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the Free
|
|
* Software Foundation; either version 2 of the License, or (at your option)
|
|
* any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
|
* more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with
|
|
* this program; if not, write to the Free Software Foundation, Inc., 675
|
|
* Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
|
|
extern REGISTRY_OPS smbconf_reg_ops;
|
|
|
|
/*
|
|
* create a fake token just with enough rights to
|
|
* locally access the registry.
|
|
*/
|
|
NT_USER_TOKEN *registry_create_admin_token(TALLOC_CTX *mem_ctx)
|
|
{
|
|
NT_USER_TOKEN *token = NULL;
|
|
|
|
/* fake a user token: builtin administrators sid and the
|
|
* disk operators privilege is all we need to access the
|
|
* registry... */
|
|
if (!(token = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) {
|
|
DEBUG(1, ("talloc failed\n"));
|
|
goto done;
|
|
}
|
|
token->privileges = se_disk_operators;
|
|
if (!add_sid_to_array(token, &global_sid_Builtin_Administrators,
|
|
&token->user_sids, &token->num_sids)) {
|
|
DEBUG(1, ("Error adding builtin administrators sid "
|
|
"to fake token.\n"));
|
|
goto done;
|
|
}
|
|
done:
|
|
return token;
|
|
}
|
|
|
|
/*
|
|
* init the smbconf portion of the registry.
|
|
* for use in places where not the whole registry is needed,
|
|
* e.g. utils/net_conf.c and loadparm.c
|
|
*/
|
|
BOOL registry_init_regdb(void)
|
|
{
|
|
BOOL ret = False;
|
|
int saved_errno = 0;
|
|
static REGISTRY_HOOK smbconf_reg_hook = {KEY_SMBCONF, &smbconf_reg_ops};
|
|
|
|
DEBUG(10, ("registry_init_regdb called\n"));
|
|
|
|
if (!regdb_init()) {
|
|
saved_errno = errno;
|
|
DEBUG(1, ("Can't open the registry"));
|
|
if (saved_errno) {
|
|
DEBUGADD(1, (": %s", strerror(saved_errno)));
|
|
}
|
|
DEBUGADD(1, (".\n"));
|
|
goto done;
|
|
}
|
|
reghook_cache_init();
|
|
if (!reghook_cache_add(&smbconf_reg_hook)) {
|
|
DEBUG(1, ("Error adding smbconf reghooks to reghook cache.\n"));
|
|
goto done;
|
|
}
|
|
|
|
ret = True;
|
|
|
|
done:
|
|
return ret;
|
|
}
|