s3-util_sid Tidy up global struct security_token

This no longer needs to be global, and should be const.  We now also
init it with the C99 style initialisers.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

4 files changed, 8 insertions, 16 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 03196c30ed..73fe868d84 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1319,7 +1319,7 @@ bool is_setuid_root(void) ;
 /* The following definitions come from lib/util_sid.c  */
 
 const char *sid_type_lookup(uint32 sid_type) ;
-struct security_token *get_system_token(void) ;
+const struct security_token *get_system_token(void) ;
 char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid);
 char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid);
 char *sid_string_dbg(const struct dom_sid *sid);
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 7e803fcfce..6c16fea585 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -22,8 +22,6 @@
 
 #include "includes.h"
 
-extern struct security_token anonymous_token;
-
 /* Map generic access rights to object specific rights.  This technique is
    used to give meaning to assigning read, write, execute and all access to
    objects.  Each type of object has its own mapping of generic to object
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 0e5c204378..4e0ddd2e49 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -99,19 +99,13 @@ const struct dom_sid global_sid_Unix_Groups =			/* Unmapped Unix groups */
 #define SECURITY_NT_AUTHORITY          5
 #endif
 
-/*
- * An NT compatible anonymous token.
- */
-
-static struct dom_sid anon_sid_array[3] =
-{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
-  { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
-  { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE };
-
 static struct dom_sid system_sid_array[1] =
 { { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
-struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS };
+static const struct security_token system_token = {
+	.num_sids       = ARRAY_SIZE(system_sid_array),
+	.sids           = system_sid_array,
+	.privilege_mask = SE_ALL_PRIVS
+};
 
 /****************************************************************************
  Lookup string names for SID types.
@@ -153,7 +147,7 @@ const char *sid_type_lookup(uint32 sid_type)
  Create the SYSTEM token.
 ***************************************************************************/
 
-struct security_token *get_system_token(void)
+const struct security_token *get_system_token(void)
 {
 	return &system_token;
 }
diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index 1fc9337a56..96787a374f 100644
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p,
 /********************************************************************
 ********************************************************************/
 
-static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token )
+static bool elog_check_access( EVENTLOG_INFO *info, const struct security_token *token )
 {
 	char *tdbname = elog_tdbname(talloc_tos(), info->logname );
 	struct security_descriptor *sec_desc;