diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-08-30 13:14:40 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-11 18:46:10 +1000 |
| commit | ed6b4ddd71ebdcdbdea7949ecbef11f409766534 (patch) | |
| tree | 06b402d6b114492f7c68b26e03246c9950b41e48 | |
| parent | 92efe9a86aae64d85323a9fcf6d20fd3f85bc22c (diff) | |
| download | samba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.tar.gz samba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.tar.bz2 samba-ed6b4ddd71ebdcdbdea7949ecbef11f409766534.zip | |
s3-privs Directly manipulate the privileges bitmap.
There is no longer any reason to go via the se_ functions to
manipulate this bitmap.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
| -rw-r--r-- | source3/lib/privileges.c | 8 | ||||
| -rw-r--r-- | source3/lib/util_nttoken.c | 11 | ||||
| -rw-r--r-- | source3/libgpo/gpo_reg.c | 2 |
3 files changed, 7 insertions, 14 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 349067f047..42fccf8b71 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -130,7 +130,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc int i; bool found = False; - se_priv_copy( privileges, &se_priv_none ); + *privileges = 0; for ( i=0; i<scount; i++ ) { /* don't add unless we actually have a privilege assigned */ @@ -142,7 +142,7 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc "set: 0x%llx\n", sid_string_dbg(&slist[i]), (unsigned long long)mask)); - se_priv_add( privileges, &mask ); + *privileges |= mask; found = True; } @@ -224,8 +224,6 @@ NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids) ZERO_STRUCT(priv); - se_priv_copy( &priv.privilege, &se_priv_none ); - db->traverse_read(db, priv_traverse_fn, &priv); /* give the memory away; caller will free */ @@ -252,7 +250,7 @@ NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx, ZERO_STRUCT(priv); - se_priv_copy(&priv.privilege, mask); + priv.privilege = *mask; priv.mem_ctx = mem_ctx; db->traverse_read(db, priv_traverse_fn, &priv); diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c index 8efebaf9eb..3130ed89fb 100644 --- a/source3/lib/util_nttoken.c +++ b/source3/lib/util_nttoken.c @@ -56,12 +56,7 @@ struct security_token *dup_nt_token(TALLOC_CTX *mem_ctx, const struct security_t token->num_sids = ptoken->num_sids; } - /* copy the privileges; don't consider failure to be critical here */ - - if ( !se_priv_copy( &token->privilege_mask, &ptoken->privilege_mask ) ) { - DEBUG(0,("dup_nt_token: Failure to copy privilages!. " - "Continuing with 0 privileges assigned.\n")); - } + token->privilege_mask = ptoken->privilege_mask; return token; } @@ -108,8 +103,8 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx, } } - se_priv_add(&token->privilege_mask, &token_1->privilege_mask); - se_priv_add(&token->privilege_mask, &token_2->privilege_mask); + token->privilege_mask |= token_1->privilege_mask; + token->privilege_mask |= token_2->privilege_mask; *token_out = token; diff --git a/source3/libgpo/gpo_reg.c b/source3/libgpo/gpo_reg.c index 39d072f689..f599435e6c 100644 --- a/source3/libgpo/gpo_reg.c +++ b/source3/libgpo/gpo_reg.c @@ -37,7 +37,7 @@ struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx) return NULL; } - token->privilege_mask = se_priv_all; + token->privilege_mask = SE_ALL_PRIVS; if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System, &token->sids, &token->num_sids))) { |