summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-08-26 14:37:00 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-09-11 18:46:04 +1000
commitfcaa86f4026cac94ed257406cbf4a59947b6029f (patch)
tree68567c4b9c5413f4e50a53f08836722d72088d28
parent821b9e61aa057530212438988c204d79f1f70b1d (diff)
downloadsamba-fcaa86f4026cac94ed257406cbf4a59947b6029f.tar.gz
samba-fcaa86f4026cac94ed257406cbf4a59947b6029f.tar.bz2
samba-fcaa86f4026cac94ed257406cbf4a59947b6029f.zip
s3-privs Further changes to remove SE_PRIV
Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source3/include/privileges.h24
-rw-r--r--source3/include/proto.h38
-rw-r--r--source3/include/smb.h2
-rw-r--r--source3/lib/privileges_basic.c96
-rw-r--r--source3/printing/nt_printing.c2
-rw-r--r--source3/rpc_server/srv_lsa_nt.c12
-rw-r--r--source3/rpc_server/srv_samr_nt.c12
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c18
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c8
-rw-r--r--source3/utils/net_sam.c6
10 files changed, 108 insertions, 110 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index ab16edfa6d..9c07d1f2be 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -30,27 +30,25 @@
/* privilege bitmask */
-typedef uint64_t SE_PRIV;
-
/* common privilege defines */
#define SE_END 0x0
#define SE_NONE 0x0
-#define SE_ALL_PRIVS (SE_PRIV)-1
+#define SE_ALL_PRIVS (uint64_t)-1
/* defined in lib/privilegs_basic.c */
-extern const SE_PRIV se_priv_all;
+extern const uint64_t se_priv_all;
-extern const SE_PRIV se_priv_none;
-extern const SE_PRIV se_machine_account;
-extern const SE_PRIV se_print_operator;
-extern const SE_PRIV se_add_users;
-extern const SE_PRIV se_disk_operators;
-extern const SE_PRIV se_remote_shutdown;
-extern const SE_PRIV se_restore;
-extern const SE_PRIV se_take_ownership;
+extern const uint64_t se_priv_none;
+extern const uint64_t se_machine_account;
+extern const uint64_t se_print_operator;
+extern const uint64_t se_add_users;
+extern const uint64_t se_disk_operators;
+extern const uint64_t se_remote_shutdown;
+extern const uint64_t se_restore;
+extern const uint64_t se_take_ownership;
/*
@@ -66,7 +64,7 @@ typedef struct {
} PRIVILEGE_SET;
typedef struct {
- SE_PRIV se_priv;
+ uint64_t se_priv;
const char *name;
const char *description;
struct lsa_LUID luid;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 5e2e0bff3d..4644a55046 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -633,13 +633,13 @@ void pidfile_unlink(void);
/* The following definitions come from lib/privileges.c */
-bool get_privileges_for_sids(SE_PRIV *privileges, struct dom_sid *slist, int scount);
+bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int scount);
NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids);
-NTSTATUS privilege_enum_sids(const SE_PRIV *mask, TALLOC_CTX *mem_ctx,
+NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
struct dom_sid **sids, int *num_sids);
-bool grant_privilege(const struct dom_sid *sid, const SE_PRIV *priv_mask);
+bool grant_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
bool grant_privilege_by_name(struct dom_sid *sid, const char *name);
-bool revoke_privilege(const struct dom_sid *sid, const SE_PRIV *priv_mask);
+bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
bool revoke_all_privileges( struct dom_sid *sid );
bool revoke_privilege_by_name(struct dom_sid *sid, const char *name);
NTSTATUS privilege_create_account(const struct dom_sid *sid );
@@ -653,23 +653,23 @@ bool grant_all_privileges( const struct dom_sid *sid );
/* The following definitions come from lib/privileges_basic.c */
-bool se_priv_copy( SE_PRIV *dst, const SE_PRIV *src );
-bool se_priv_put_all_privileges(SE_PRIV *mask);
-void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv );
-void se_priv_remove( SE_PRIV *mask, const SE_PRIV *removepriv );
-bool se_priv_equal( const SE_PRIV *mask1, const SE_PRIV *mask2 );
-bool se_priv_from_name( const char *name, SE_PRIV *mask );
-void dump_se_priv( int dbg_cl, int dbg_lvl, const SE_PRIV *mask );
-bool is_privilege_assigned(const SE_PRIV *privileges,
- const SE_PRIV *check);
+bool se_priv_copy( uint64_t *dst, const uint64_t *src );
+bool se_priv_put_all_privileges(uint64_t *mask);
+void se_priv_add( uint64_t *mask, const uint64_t *addpriv );
+void se_priv_remove( uint64_t *mask, const uint64_t *removepriv );
+bool se_priv_equal( const uint64_t *mask1, const uint64_t *mask2 );
+bool se_priv_from_name( const char *name, uint64_t *mask );
+void dump_se_priv( int dbg_cl, int dbg_lvl, const uint64_t *mask );
+bool is_privilege_assigned(const uint64_t *privileges,
+ const uint64_t *check);
const char* get_privilege_dispname( const char *name );
-bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege);
-bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege);
+bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege);
+bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege);
int count_all_privileges( void );
-struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask );
+struct lsa_LUIDAttribute get_privilege_luid( uint64_t *mask );
const char *luid_to_privilege_name(const struct lsa_LUID *set);
-bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask );
-bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset );
+bool se_priv_to_privilege_set( PRIVILEGE_SET *set, uint64_t *mask );
+bool privilege_set_to_se_priv( uint64_t *mask, struct lsa_PrivilegeSet *privset );
/* The following definitions come from lib/readline.c */
@@ -5667,7 +5667,7 @@ int fncall_recv(struct tevent_req *req, int *perr);
/* The following definitions come from rpc_server/srv_samr_nt.c */
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
- SE_PRIV *rights, uint32 rights_mask,
+ uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug);
void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
diff --git a/source3/include/smb.h b/source3/include/smb.h
index f109739a42..ca98a21991 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -234,7 +234,7 @@ extern const struct dom_sid global_sid_Unix_Groups;
typedef struct nt_user_token {
size_t num_sids;
struct dom_sid *sids;
- SE_PRIV privilege_mask;
+ uint64_t privilege_mask;
} NT_USER_TOKEN;
typedef struct unix_user_token {
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 962b5e8514..a9f6232788 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -32,20 +32,20 @@
#include "includes.h"
-const SE_PRIV se_priv_all = SE_ALL_PRIVS;
-static const SE_PRIV se_priv_end = SE_END;
+const uint64_t se_priv_all = SE_ALL_PRIVS;
+static const uint64_t se_priv_end = SE_END;
/* Define variables for all privileges so we can use the
- SE_PRIV* in the various se_priv_XXX() functions */
+ uint64_t* in the various se_priv_XXX() functions */
-const SE_PRIV se_priv_none = SE_NONE;
-const SE_PRIV se_machine_account = SE_MACHINE_ACCOUNT;
-const SE_PRIV se_print_operator = SE_PRINT_OPERATOR;
-const SE_PRIV se_add_users = SE_ADD_USERS;
-const SE_PRIV se_disk_operators = SE_DISK_OPERATOR;
-const SE_PRIV se_remote_shutdown = SE_REMOTE_SHUTDOWN;
-const SE_PRIV se_restore = SE_RESTORE;
-const SE_PRIV se_take_ownership = SE_TAKE_OWNERSHIP;
+const uint64_t se_priv_none = SE_NONE;
+const uint64_t se_machine_account = SE_MACHINE_ACCOUNT;
+const uint64_t se_print_operator = SE_PRINT_OPERATOR;
+const uint64_t se_add_users = SE_ADD_USERS;
+const uint64_t se_disk_operators = SE_DISK_OPERATOR;
+const uint64_t se_remote_shutdown = SE_REMOTE_SHUTDOWN;
+const uint64_t se_restore = SE_RESTORE;
+const uint64_t se_take_ownership = SE_TAKE_OWNERSHIP;
/********************************************************************
This is a list of privileges reported by a WIndows 2000 SP4 AD DC
@@ -111,15 +111,15 @@ PRIVS privs[] = {
};
/***************************************************************************
- copy an SE_PRIV structure
+ copy an uint64_t structure
****************************************************************************/
-bool se_priv_copy( SE_PRIV *dst, const SE_PRIV *src )
+bool se_priv_copy( uint64_t *dst, const uint64_t *src )
{
if ( !dst || !src )
return False;
- memcpy( dst, src, sizeof(SE_PRIV) );
+ memcpy( dst, src, sizeof(uint64_t) );
return True;
}
@@ -128,7 +128,7 @@ bool se_priv_copy( SE_PRIV *dst, const SE_PRIV *src )
put all privileges into a mask
****************************************************************************/
-bool se_priv_put_all_privileges(SE_PRIV *mask)
+bool se_priv_put_all_privileges(uint64_t *mask)
{
int i;
uint32 num_privs = count_all_privileges();
@@ -143,31 +143,31 @@ bool se_priv_put_all_privileges(SE_PRIV *mask)
}
/***************************************************************************
- combine 2 SE_PRIV structures and store the resulting set in mew_mask
+ combine 2 uint64_t structures and store the resulting set in mew_mask
****************************************************************************/
-void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv )
+void se_priv_add( uint64_t *mask, const uint64_t *addpriv )
{
*mask |= *addpriv;
}
/***************************************************************************
- remove one SE_PRIV sytucture from another and store the resulting set
+ remove one uint64_t sytucture from another and store the resulting set
in mew_mask
****************************************************************************/
-void se_priv_remove( SE_PRIV *mask, const SE_PRIV *removepriv )
+void se_priv_remove( uint64_t *mask, const uint64_t *removepriv )
{
*mask &= ~*removepriv;
}
/***************************************************************************
- invert a given SE_PRIV and store the set in new_mask
+ invert a given uint64_t and store the set in new_mask
****************************************************************************/
-static void se_priv_invert( SE_PRIV *new_mask, const SE_PRIV *mask )
+static void se_priv_invert( uint64_t *new_mask, const uint64_t *mask )
{
- SE_PRIV allprivs;
+ uint64_t allprivs;
se_priv_copy( &allprivs, &se_priv_all );
se_priv_remove( &allprivs, mask );
@@ -175,21 +175,21 @@ static void se_priv_invert( SE_PRIV *new_mask, const SE_PRIV *mask )
}
/***************************************************************************
- check if 2 SE_PRIV structure are equal
+ check if 2 uint64_t structure are equal
****************************************************************************/
-bool se_priv_equal( const SE_PRIV *mask1, const SE_PRIV *mask2 )
+bool se_priv_equal( const uint64_t *mask1, const uint64_t *mask2 )
{
return *mask1 == *mask2;
}
/***************************************************************************
- check if a SE_PRIV has any assigned privileges
+ check if a uint64_t has any assigned privileges
****************************************************************************/
-static bool se_priv_empty( const SE_PRIV *mask )
+static bool se_priv_empty( const uint64_t *mask )
{
- SE_PRIV p1;
+ uint64_t p1;
se_priv_copy( &p1, mask );
@@ -199,10 +199,10 @@ static bool se_priv_empty( const SE_PRIV *mask )
}
/*********************************************************************
- Lookup the SE_PRIV value for a privilege name
+ Lookup the uint64_t value for a privilege name
*********************************************************************/
-bool se_priv_from_name( const char *name, SE_PRIV *mask )
+bool se_priv_from_name( const char *name, uint64_t *mask )
{
int i;
@@ -217,22 +217,22 @@ bool se_priv_from_name( const char *name, SE_PRIV *mask )
}
/***************************************************************************
- dump an SE_PRIV structure to the log files
+ dump an uint64_t structure to the log files
****************************************************************************/
-void dump_se_priv( int dbg_cl, int dbg_lvl, const SE_PRIV *mask )
+void dump_se_priv( int dbg_cl, int dbg_lvl, const uint64_t *mask )
{
- DEBUGADDC( dbg_cl, dbg_lvl,("SE_PRIV 0x%llx\n", (unsigned long long)*mask));
+ DEBUGADDC( dbg_cl, dbg_lvl,("uint64_t 0x%llx\n", (unsigned long long)*mask));
}
/****************************************************************************
check if the privilege is in the privilege list
****************************************************************************/
-bool is_privilege_assigned(const SE_PRIV *privileges,
- const SE_PRIV *check)
+bool is_privilege_assigned(const uint64_t *privileges,
+ const uint64_t *check)
{
- SE_PRIV p1, p2;
+ uint64_t p1, p2;
if ( !privileges || !check )
return False;
@@ -246,8 +246,8 @@ bool is_privilege_assigned(const SE_PRIV *privileges,
se_priv_copy( &p1, check );
- /* invert the SE_PRIV we want to check for and remove that from the
- original set. If we are left with the SE_PRIV we are checking
+ /* invert the uint64_t we want to check for and remove that from the
+ original set. If we are left with the uint64_t we are checking
for then return True */
se_priv_invert( &p1, check );
@@ -261,9 +261,9 @@ bool is_privilege_assigned(const SE_PRIV *privileges,
check if the privilege is in the privilege list
****************************************************************************/
-static bool is_any_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check )
+static bool is_any_privilege_assigned( uint64_t *privileges, const uint64_t *check )
{
- SE_PRIV p1, p2;
+ uint64_t p1, p2;
if ( !privileges || !check )
return False;
@@ -277,8 +277,8 @@ static bool is_any_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check
se_priv_copy( &p1, check );
- /* invert the SE_PRIV we want to check for and remove that from the
- original set. If we are left with the SE_PRIV we are checking
+ /* invert the uint64_t we want to check for and remove that from the
+ original set. If we are left with the uint64_t we are checking
for then return True */
se_priv_invert( &p1, check );
@@ -321,7 +321,7 @@ const char* get_privilege_dispname( const char *name )
at a time here.
*****************************************************************************/
-bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege)
+bool user_has_privileges(const NT_USER_TOKEN *token, const uint64_t *privilege)
{
if ( !token )
return False;
@@ -334,7 +334,7 @@ bool user_has_privileges(const NT_USER_TOKEN *token, const SE_PRIV *privilege)
at a time here.
*****************************************************************************/
-bool user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege)
+bool user_has_any_privilege(NT_USER_TOKEN *token, const uint64_t *privilege)
{
if ( !token )
return False;
@@ -361,7 +361,7 @@ int count_all_privileges( void )
so we are guaranteed to find it in the list.
*********************************************************************/
-struct lsa_LUIDAttribute get_privilege_luid( SE_PRIV *mask )
+struct lsa_LUIDAttribute get_privilege_luid( uint64_t *mask )
{
struct lsa_LUIDAttribute priv_luid;
int i;
@@ -429,7 +429,7 @@ static bool privilege_set_add(PRIVILEGE_SET *priv_set, struct lsa_LUIDAttribute
/*******************************************************************
*******************************************************************/
-bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
+bool se_priv_to_privilege_set( PRIVILEGE_SET *set, uint64_t *mask )
{
int i;
uint32 num_privs = count_all_privileges();
@@ -454,7 +454,7 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
/*******************************************************************
*******************************************************************/
-static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask )
+static bool luid_to_se_priv( struct lsa_LUID *luid, uint64_t *mask )
{
int i;
uint32 num_privs = count_all_privileges();
@@ -472,14 +472,14 @@ static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask )
/*******************************************************************
*******************************************************************/
-bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset )
+bool privilege_set_to_se_priv( uint64_t *mask, struct lsa_PrivilegeSet *privset )
{
int i;
ZERO_STRUCTP( mask );
for ( i=0; i<privset->count; i++ ) {
- SE_PRIV r;
+ uint64_t r;
/* sanity check for invalid privilege. we really
only care about the low 32 bits */
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 9f4ede22bd..186369df1f 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -2075,7 +2075,7 @@ bool print_access_check(const struct auth_serversupplied_info *server_info,
WERROR result;
const char *pname;
TALLOC_CTX *mem_ctx = NULL;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
/* If user is NULL then use the current_user structure */
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 235ec12b58..12fd6a948f 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1836,7 +1836,7 @@ NTSTATUS _lsa_EnumPrivsAccount(struct pipes_struct *p,
{
NTSTATUS status = NT_STATUS_OK;
struct lsa_info *info=NULL;
- SE_PRIV mask;
+ uint64_t mask;
PRIVILEGE_SET privileges;
struct lsa_PrivilegeSet *priv_set = NULL;
struct lsa_LUIDAttribute *luid_attrs = NULL;
@@ -1995,7 +1995,7 @@ NTSTATUS _lsa_AddPrivilegesToAccount(struct pipes_struct *p,
struct lsa_AddPrivilegesToAccount *r)
{
struct lsa_info *info = NULL;
- SE_PRIV mask;
+ uint64_t mask;
struct lsa_PrivilegeSet *set = NULL;
/* find the connection policy handle. */
@@ -2034,7 +2034,7 @@ NTSTATUS _lsa_RemovePrivilegesFromAccount(struct pipes_struct *p,
struct lsa_RemovePrivilegesFromAccount *r)
{
struct lsa_info *info = NULL;
- SE_PRIV mask;
+ uint64_t mask;
struct lsa_PrivilegeSet *set = NULL;
/* find the connection policy handle. */
@@ -2350,7 +2350,7 @@ NTSTATUS _lsa_EnumAccountRights(struct pipes_struct *p,
struct lsa_info *info = NULL;
struct dom_sid sid;
PRIVILEGE_SET privileges;
- SE_PRIV mask;
+ uint64_t mask;
/* find the connection policy handle. */
@@ -2405,7 +2405,7 @@ NTSTATUS _lsa_LookupPrivValue(struct pipes_struct *p,
struct lsa_info *info = NULL;
const char *name = NULL;
struct lsa_LUIDAttribute priv_luid;
- SE_PRIV mask;
+ uint64_t mask;
/* find the connection policy handle. */
@@ -2446,7 +2446,7 @@ NTSTATUS _lsa_EnumAccountsWithUserRight(struct pipes_struct *p,
struct dom_sid *sids = NULL;
int num_sids = 0;
uint32_t i;
- SE_PRIV mask;
+ uint64_t mask;
if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
return NT_STATUS_INVALID_HANDLE;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 6e83a3e4e5..87e50a5d40 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -180,7 +180,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor
********************************************************************/
NTSTATUS access_check_object( struct security_descriptor *psd, NT_USER_TOKEN *token,
- SE_PRIV *rights, uint32 rights_mask,
+ uint64_t *rights, uint32 rights_mask,
uint32 des_access, uint32 *acc_granted,
const char *debug )
{
@@ -545,7 +545,7 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p,
NTSTATUS status;
size_t sd_size;
uint32_t extra_access = SAMR_DOMAIN_ACCESS_CREATE_USER;
- SE_PRIV se_rights;
+ uint64_t se_rights;
/* find the connection policy handle. */
@@ -2253,7 +2253,7 @@ NTSTATUS _samr_OpenUser(struct pipes_struct *p,
size_t sd_size;
bool ret;
NTSTATUS nt_status;
- SE_PRIV se_rights;
+ uint64_t se_rights;
NTSTATUS status;
dinfo = policy_handle_find(p, r->in.domain_handle,
@@ -3807,7 +3807,7 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p,
/* check this, when giving away 'add computer to domain' privs */
uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
bool can_add_account = False;
- SE_PRIV se_rights;
+ uint64_t se_rights;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_DOMAIN_ACCESS_CREATE_USER, NULL,
@@ -4233,7 +4233,7 @@ NTSTATUS _samr_OpenAlias(struct pipes_struct *p,
uint32 des_access = r->in.access_mask;
size_t sd_size;
NTSTATUS status;
- SE_PRIV se_rights;
+ uint64_t se_rights;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
@@ -6312,7 +6312,7 @@ NTSTATUS _samr_OpenGroup(struct pipes_struct *p,
size_t sd_size;
NTSTATUS status;
bool ret;
- SE_PRIV se_rights;
+ uint64_t se_rights;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 881f0e5555..9a9e3f52f1 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -364,7 +364,7 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
char *cmd = lp_deleteprinter_cmd();
char *command = NULL;
int ret;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
bool is_print_op = false;
/* can't fail if we don't try */
@@ -1743,7 +1743,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p,
if ( r->in.access_mask & SERVER_ACCESS_ADMINISTER )
{
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
if (!lp_ms_add_printer_wizard()) {
close_printer_handle(p, r->out.handle);
@@ -1995,7 +1995,7 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p,
struct spoolss_DriverInfo8 *info_win2k = NULL;
int version;
WERROR status;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
@@ -2101,7 +2101,7 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p,
int version;
bool delete_files;
WERROR status;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
@@ -5864,7 +5864,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token, const char *p
char *cmd = lp_addport_cmd();
char *command = NULL;
int ret;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
bool is_print_op = false;
if ( !*cmd ) {
@@ -5919,7 +5919,7 @@ static bool add_printer_hook(TALLOC_CTX *ctx, NT_USER_TOKEN *token,
int numlines;
int ret;
int fd;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
bool is_print_op = false;
if (!remote_machine) {
@@ -8248,7 +8248,7 @@ WERROR _spoolss_AddForm(struct pipes_struct *p,
struct spoolss_AddFormInfo1 *form = r->in.info.info1;
int snum = -1;
WERROR status = WERR_OK;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle);
@@ -8322,7 +8322,7 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p,
struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle);
int snum = -1;
WERROR status = WERR_OK;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
DEBUG(5,("_spoolss_DeleteForm\n"));
@@ -8382,7 +8382,7 @@ WERROR _spoolss_SetForm(struct pipes_struct *p,
const char *form_name = r->in.form_name;
int snum = -1;
WERROR status = WERR_OK;
- SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ uint64_t se_printop = SE_PRINT_OPERATOR;
struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle);
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index ceee47d443..ee879e89f7 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1535,7 +1535,7 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p,
int ret;
char *path = NULL;
struct security_descriptor *psd = NULL;
- SE_PRIV se_diskop = SE_DISK_OPERATOR;
+ uint64_t se_diskop = SE_DISK_OPERATOR;
bool is_disk_op = False;
int max_connections = 0;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -1764,7 +1764,7 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p,
int ret;
char *path;
struct security_descriptor *psd = NULL;
- SE_PRIV se_diskop = SE_DISK_OPERATOR;
+ uint64_t se_diskop = SE_DISK_OPERATOR;
bool is_disk_op;
int max_connections = 0;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -1941,7 +1941,7 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p,
char *share_name = NULL;
int ret;
int snum;
- SE_PRIV se_diskop = SE_DISK_OPERATOR;
+ uint64_t se_diskop = SE_DISK_OPERATOR;
bool is_disk_op;
struct share_params *params;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -2517,7 +2517,7 @@ WERROR _srvsvc_NetFileClose(struct pipes_struct *p,
struct srvsvc_NetFileClose *r)
{
struct enum_file_close_state state;
- SE_PRIV se_diskop = SE_DISK_OPERATOR;
+ uint64_t se_diskop = SE_DISK_OPERATOR;
bool is_disk_op;
DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__));
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 44a0b79e18..99eac045e0 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -636,7 +636,7 @@ extern PRIVS privs[];
static int net_sam_rights_list(struct net_context *c, int argc,
const char **argv)
{
- SE_PRIV mask;
+ uint64_t mask;
if (argc > 1 || c->display_usage) {
d_fprintf(stderr, "%s\n%s",
@@ -692,7 +692,7 @@ static int net_sam_rights_grant(struct net_context *c, int argc,
struct dom_sid sid;
enum lsa_SidType type;
const char *dom, *name;
- SE_PRIV mask;
+ uint64_t mask;
int i;
if (argc < 2 || c->display_usage) {
@@ -731,7 +731,7 @@ static int net_sam_rights_revoke(struct net_context *c, int argc,
struct dom_sid sid;
enum lsa_SidType type;
const char *dom, *name;
- SE_PRIV mask;
+ uint64_t mask;
int i;
if (argc < 2 || c->display_usage) {