diff options
author | Jeremy Allison <jra@samba.org> | 2013-01-04 14:42:23 -0800 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2013-01-09 15:29:35 +1100 |
commit | b668c9077ba9005988146e8b1ee853ce8a6f33a4 (patch) | |
tree | 7e3b2b526fda281321d65407423294702e09342d | |
parent | 86d1e1db8e2747e30c89627cda123fde1e84f579 (diff) | |
download | samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.tar.gz samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.tar.bz2 samba-b668c9077ba9005988146e8b1ee853ce8a6f33a4.zip |
Move create_share_access_mask() from smbd/service.c to smbd/uid.c.
Make it static. Only called from uid.c now.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source3/smbd/proto.h | 3 | ||||
-rw-r--r-- | source3/smbd/service.c | 38 | ||||
-rw-r--r-- | source3/smbd/uid.c | 38 |
3 files changed, 38 insertions, 41 deletions
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index e8ee8733a4..772730203f 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -979,9 +979,6 @@ void smbd_exit_server_cleanly(const char *const reason) _NORETURN_; bool set_conn_connectpath(connection_struct *conn, const char *connectpath); NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum); -uint32_t create_share_access_mask(int snum, - bool readonly_share, - const struct security_token *token); bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir); void load_registry_shares(void); int add_home_service(const char *service, const char *username, const char *homedir); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index fabc5a36ac..8f6d4859b0 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -512,44 +512,6 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) } /**************************************************************************** - Setup the share access mask for a connection. -****************************************************************************/ - -uint32_t create_share_access_mask(int snum, - bool readonly_share, - const struct security_token *token) -{ - uint32_t share_access = 0; - - share_access_check(token, - lp_servicename(talloc_tos(), snum), - MAXIMUM_ALLOWED_ACCESS, - &share_access); - - if (readonly_share) { - share_access &= - ~(SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA | - SEC_FILE_WRITE_EA | SEC_FILE_WRITE_ATTRIBUTE | - SEC_DIR_DELETE_CHILD ); - } - - if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) { - share_access |= SEC_FLAG_SYSTEM_SECURITY; - } - if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { - share_access |= (SEC_RIGHTS_PRIV_RESTORE); - } - if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) { - share_access |= (SEC_RIGHTS_PRIV_BACKUP); - } - if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) { - share_access |= (SEC_STD_WRITE_OWNER); - } - - return share_access; -} - -/**************************************************************************** Make a connection, given the snum to connect to, and the vuser of the connecting user if appropriate. ****************************************************************************/ diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index efdd824342..b9cebce71a 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -78,6 +78,44 @@ static void free_conn_session_info_if_unused(connection_struct *conn) TALLOC_FREE(conn->session_info); } +/**************************************************************************** + Setup the share access mask for a connection. +****************************************************************************/ + +static uint32_t create_share_access_mask(int snum, + bool readonly_share, + const struct security_token *token) +{ + uint32_t share_access = 0; + + share_access_check(token, + lp_servicename(talloc_tos(), snum), + MAXIMUM_ALLOWED_ACCESS, + &share_access); + + if (readonly_share) { + share_access &= + ~(SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA | + SEC_FILE_WRITE_EA | SEC_FILE_WRITE_ATTRIBUTE | + SEC_DIR_DELETE_CHILD ); + } + + if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) { + share_access |= SEC_FLAG_SYSTEM_SECURITY; + } + if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { + share_access |= (SEC_RIGHTS_PRIV_RESTORE); + } + if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) { + share_access |= (SEC_RIGHTS_PRIV_BACKUP); + } + if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) { + share_access |= (SEC_STD_WRITE_OWNER); + } + + return share_access; +} + /******************************************************************* Calculate access mask and if this user can access this share. ********************************************************************/ |