summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-08-30 13:14:40 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-09-11 18:46:10 +1000
commited6b4ddd71ebdcdbdea7949ecbef11f409766534 (patch)
tree06b402d6b114492f7c68b26e03246c9950b41e48
parent92efe9a86aae64d85323a9fcf6d20fd3f85bc22c (diff)
downloadsamba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.tar.gz
samba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.tar.bz2
samba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.zip
s3-privs Directly manipulate the privileges bitmap.
There is no longer any reason to go via the se_ functions to manipulate this bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source3/lib/privileges.c8
-rw-r--r--source3/lib/util_nttoken.c11
-rw-r--r--source3/libgpo/gpo_reg.c2
3 files changed, 7 insertions, 14 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 349067f047..42fccf8b71 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -130,7 +130,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
int i;
bool found = False;
- se_priv_copy( privileges, &se_priv_none );
+ *privileges = 0;
for ( i=0; i<scount; i++ ) {
/* don't add unless we actually have a privilege assigned */
@@ -142,7 +142,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc
"set: 0x%llx\n", sid_string_dbg(&slist[i]),
(unsigned long long)mask));
- se_priv_add( privileges, &mask );
+ *privileges |= mask;
found = True;
}
@@ -224,8 +224,6 @@ NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids)
ZERO_STRUCT(priv);
- se_priv_copy( &priv.privilege, &se_priv_none );
-
db->traverse_read(db, priv_traverse_fn, &priv);
/* give the memory away; caller will free */
@@ -252,7 +250,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
ZERO_STRUCT(priv);
- se_priv_copy(&priv.privilege, mask);
+ priv.privilege = *mask;
priv.mem_ctx = mem_ctx;
db->traverse_read(db, priv_traverse_fn, &priv);
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index 8efebaf9eb..3130ed89fb 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -56,12 +56,7 @@ struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_t
token->num_sids = ptoken->num_sids;
}
- /* copy the privileges; don't consider failure to be critical here */
-
- if ( !se_priv_copy( &token->privilege_mask, &ptoken->privilege_mask ) ) {
- DEBUG(0,("dup_nt_token: Failure to copy privilages!. "
- "Continuing with 0 privileges assigned.\n"));
- }
+ token->privilege_mask = ptoken->privilege_mask;
return token;
}
@@ -108,8 +103,8 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
}
}
- se_priv_add(&token->privilege_mask, &token_1->privilege_mask);
- se_priv_add(&token->privilege_mask, &token_2->privilege_mask);
+ token->privilege_mask |= token_1->privilege_mask;
+ token->privilege_mask |= token_2->privilege_mask;
*token_out = token;
diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c
index 39d072f689..f599435e6c 100644
--- a/source3/libgpo/gpo_reg.c
+++ b/source3/libgpo/gpo_reg.c
@@ -37,7 +37,7 @@ struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
return NULL;
}
- token->privilege_mask = se_priv_all;
+ token->privilege_mask = SE_ALL_PRIVS;
if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System,
&token->sids, &token->num_sids))) {