summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-06-03 22:34:13 +1000
committerAndreas Schneider <asn@samba.org>2012-06-19 10:38:13 +0200
commite49656e2ee596a481277a5a2c3dd5d3969411c19 (patch)
tree73a3810c85f79ad85f23a3f3a20cf7018fe9c3b5
parent873ec60f5406aecdbb1f6a1149af517f21939e43 (diff)
downloadsamba-e49656e2ee596a481277a5a2c3dd5d3969411c19.tar.gz
samba-e49656e2ee596a481277a5a2c3dd5d3969411c19.tar.bz2
samba-e49656e2ee596a481277a5a2c3dd5d3969411c19.zip
auth: Use only security_token_is_system to determine that a user is SYSTEM
This removes the duplication on how to detect that a user is system in Samba now that the smbd system account is also only SID_NT_SYSTEM we can use the same check everywhere. Andrew Bartlett Signed-off-by: Andreas Schneider <asn@samba.org>
-rw-r--r--librpc/idl/auth.idl5
-rw-r--r--source3/auth/auth_util.c4
-rw-r--r--source3/rpc_server/samr/srv_samr_nt.c2
-rw-r--r--source4/auth/unix_token.c2
4 files changed, 1 insertions, 12 deletions
diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index b0494f99ec..0bed671039 100644
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -60,11 +60,6 @@ interface auth
} auth_user_info_torture;
typedef [public] struct {
- /* These match exactly the values from the
- * auth_serversupplied_info, but should be changed to
- * checks involving just the SIDs */
- boolean8 system;
-
[unique,charset(UTF8),string] char *unix_name;
/*
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 91fecfedbf..2ac46e6c5f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -506,8 +506,6 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
session_info->unix_info->sanitized_username =
talloc_strdup(session_info->unix_info, tmp);
- session_info->unix_info->system = server_info->system;
-
if (session_key) {
data_blob_free(&session_info->session_key);
session_info->session_key = data_blob_talloc(session_info,
@@ -1047,8 +1045,6 @@ static NTSTATUS make_new_session_info_system(TALLOC_CTX *mem_ctx,
return status;
}
- (*session_info)->unix_info->system = true;
-
TALLOC_FREE((*session_info)->security_token->sids);
(*session_info)->security_token->num_sids = 0;
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 77888ea1e8..b52e88c7a9 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -2711,7 +2711,7 @@ static NTSTATUS get_user_info_18(struct pipes_struct *p,
ZERO_STRUCTP(r);
- if (p->session_info->unix_info->system) {
+ if (security_token_is_system(p->session_info->security_token)) {
goto query;
}
diff --git a/source4/auth/unix_token.c b/source4/auth/unix_token.c
index 7a7d464f0d..38109452a4 100644
--- a/source4/auth/unix_token.c
+++ b/source4/auth/unix_token.c
@@ -142,8 +142,6 @@ NTSTATUS auth_session_info_fill_unix(struct wbc_context *wbc_ctx,
session_info->unix_info = talloc_zero(session_info, struct auth_user_info_unix);
NT_STATUS_HAVE_NO_MEMORY(session_info->unix_info);
- session_info->unix_info->system = security_token_is_system(session_info->security_token);
-
session_info->unix_info->unix_name = talloc_asprintf(session_info->unix_info,
"%s%s%s", session_info->info->domain_name,
lpcfg_winbind_separator(lp_ctx),