r4724: Add support for Windows privileges in Samba 3.0

(based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4. (This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
author: Gerald Carter <jerry@samba.org> 2005-01-13 18:20:37 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 10:53:51 -0500
commit: d94d87472ca2f3875caa146424caa178ce20274f (patch)
tree: a4c6f78f7b22c649b7d9405aa27f64daf749c1fb /source3/lib/privileges.c
parent: 94b88f8f26342b6ca4afecec459235c523355f6c (diff)
download: samba-d94d87472ca2f3875caa146424caa178ce20274f.tar.gz
samba-d94d87472ca2f3875caa146424caa178ce20274f.tar.bz2
samba-d94d87472ca2f3875caa146424caa178ce20274f.zip
1 files changed, 429 insertions, 218 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 2b8d7613c1..eabb652c3e 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -3,6 +3,7 @@
    Privileges handling functions
    Copyright (C) Jean François Micouleau	1998-2001
    Copyright (C) Simo Sorce			2002-2003
+   Copyright (C) Gerald (Jerry) Carter          2004
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -19,138 +20,152 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
+ 
 #include "includes.h"
 
-/* defines */
+#define PRIVPREFIX              "PRIV_"
 
-#define ALLOC_CHECK(ptr, err, label, str) do { if ((ptr) == NULL) { DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0)
-#define NTSTATUS_CHECK(err, label, str1, str2) do { if (!NT_STATUS_IS_OK(err)) { DEBUG(0, ("%s: %s failed!\n", str1, str2)); } } while(0)
-
-/****************************************************************************
- Check if a user is a mapped group.
-
-   This function will check if the group SID is mapped onto a
-   system managed gid or onto a winbind manged sid.
-   In the first case it will be threated like a mapped group
-   and the backend should take the member list with a getgrgid
-   and ignore any user that have been possibly set into the group
-   object.
-
-   In the second case, the group is a fully SAM managed group
-   served back to the system through winbind. In this case the
-   members of a Local group are "unrolled" to cope with the fact
-   that unix cannot contain groups inside groups.
-   The backend MUST never call any getgr* / getpw* function or
-   loops with winbind may happen. 
- ****************************************************************************/
-
-#if 0
-NTSTATUS is_mapped_group(BOOL *mapped, const DOM_SID *sid)
-{
-	NTSTATUS result;
-	gid_t id;
-
-	/* look if mapping exist, do not make idmap alloc an uid if SID is not found */
-	result = idmap_get_gid_from_sid(&id, sid, False);
-	if (NT_STATUS_IS_OK(result)) {
-		*mapped = gid_is_in_winbind_range(id);
-	} else {
-		*mapped = False;
-	}
+#define ALLOC_CHECK(ptr, err, label, str) do { if ((ptr) == NULL) \
+	{ DEBUG(0, ("%s: out of memory!\n", str)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0)
+	
+PRIVS privs[] = {
+	{SE_NETWORK_LOGON,		"SeNetworkLogonRight",			"Access this computer from the network"},
+	{SE_INTERACTIVE_LOGON,		"SeInteractiveLogonRight",		"Log on locally"},
+	{SE_BATCH_LOGON,		"SeBatchLogonRight",			"Log on as a batch job"},
+	{SE_SERVICE_LOGON,		"SeServiceLogonRight",			"Log on as a service"},
+
+	{SE_MACHINE_ACCOUNT,		"SeMachineAccountPrivilege",		"Add machines to domain"},
+	{SE_PRINT_OPERATOR,		"SePrintOperatorPrivilege",		"Printer Admin"},
+	{SE_ADD_USERS,			"SeAddUsersPrivilege",			"Add users and groups to the domain"},
+
+	{SE_END,			"",					""}
+};
+	
 
-	return result;
-}
+#if 0	/* not needed currently */
+PRIVS privs[] = {
+	{SE_ASSIGN_PRIMARY_TOKEN,	"SeAssignPrimaryTokenPrivilege",	"Assign Primary Token"},
+	{SE_CREATE_TOKEN,		"SeCreateTokenPrivilege",		"Create Token"},
+	{SE_LOCK_MEMORY,		"SeLockMemoryPrivilege",		"Lock Memory"},
+	{SE_INCREASE_QUOTA,		"SeIncreaseQuotaPrivilege",		"Increase Quota"},
+	{SE_UNSOLICITED_INPUT,		"SeUnsolicitedInputPrivilege",		"Unsolicited Input"},
+	{SE_MACHINE_ACCOUNT,		"SeMachineAccountPrivilege",		"Can add Machine Accounts to the Domain"},
+	{SE_TCB,			"SeTcbPrivilege",			"Act as part of the operating system"},
+	{SE_SECURITY,			"SeSecurityPrivilege",			"Security Privilege"},
+	{SE_TAKE_OWNERSHIP,		"SeTakeOwnershipPrivilege",		"Take Ownership Privilege"},
+	{SE_LOAD_DRIVER,		"SeLocalDriverPrivilege",		"Local Driver Privilege"},
+	{SE_SYSTEM_PROFILE,		"SeSystemProfilePrivilege",		"System Profile Privilege"},
+	{SE_SYSTEM_TIME,		"SeSystemtimePrivilege",		"System Time"},
+	{SE_PROF_SINGLE_PROCESS,	"SeProfileSingleProcessPrivilege",	"Profile Single Process Privilege"},
+	{SE_INC_BASE_PRIORITY,		"SeIncreaseBasePriorityPrivilege",	"Increase Base Priority Privilege"},
+	{SE_CREATE_PAGEFILE,		"SeCreatePagefilePrivilege",		"Create Pagefile Privilege"},
+	{SE_CREATE_PERMANENT,		"SeCreatePermanentPrivilege",		"Create Permanent"},
+	{SE_BACKUP,			"SeBackupPrivilege",			"Backup Privilege"},
+	{SE_RESTORE,			"SeRestorePrivilege",			"Restore Privilege"},
+	{SE_SHUTDOWN,			"SeShutdownPrivilege",			"Shutdown Privilege"},
+	{SE_DEBUG,			"SeDebugPrivilege",			"Debug Privilege"},
+	{SE_AUDIT,			"SeAuditPrivilege",			"Audit"},
+	{SE_SYSTEM_ENVIRONMENT,		"SeSystemEnvironmentPrivilege",		"System Environment Privilege"},
+	{SE_CHANGE_NOTIFY,		"SeChangeNotifyPrivilege",		"Change Notify"},
+	{SE_REMOTE_SHUTDOWN,		"SeRemoteShutdownPrivilege",		"Remote Shutdown Privilege"},
+	{SE_UNDOCK,			"SeUndockPrivilege",			"Undock"},
+	{SE_SYNC_AGENT,			"SeSynchronizationAgentPrivilege",	"Synchronization Agent"},
+	{SE_ENABLE_DELEGATION,		"SeEnableDelegationPrivilege",		"Enable Delegation"},
+	{SE_PRINT_OPERATOR,		"SePrintOperatorPrivilege",		"Printer Operator"},
+	{SE_ADD_USERS,			"SeAddUsersPrivilege",			"Add Users"},
+	{SE_ALL_PRIVS,			"SeAllPrivileges",			"All Privileges"}
+	{SE_END,			"",					""}
+};
 #endif
 
-/****************************************************************************
- duplicate alloc luid_attr
- ****************************************************************************/
-NTSTATUS dupalloc_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la)
-{
-	NTSTATUS ret;
+typedef struct priv_sid_list {
+	uint32 se_priv;
+	SID_LIST sids;
+} PRIV_SID_LIST;
 
-	/* don't crash if the source pointer is NULL (since we don't
-	   do priviledges now anyways) */
+/***************************************************************************
+ Retrieve the privilege mask (set) for a given SID
+****************************************************************************/
 
-	if ( !old_la )
-		return NT_STATUS_OK;
+static uint32 get_privileges( const DOM_SID *sid )
+{
+	TDB_CONTEXT *tdb = get_account_pol_tdb();
+	fstring keystr;
+	uint32 priv_mask;
+	
+	if ( !tdb )
+		return 0;
 
-	*new_la = TALLOC_P(mem_ctx, LUID_ATTR);
-	ALLOC_CHECK(new_la, ret, done, "dupalloc_luid_attr");
+	fstr_sprintf( keystr, "%s%s", PRIVPREFIX, sid_string_static(sid) );
 
-	(*new_la)->luid.high = old_la->luid.high;
-	(*new_la)->luid.low = old_la->luid.low;
-	(*new_la)->attr = old_la->attr;
+	if ( !tdb_fetch_uint32( tdb, keystr, &priv_mask ) ) {
+		DEBUG(3,("get_privileges: No privileges assigned to SID [%s]\n",
+			sid_string_static(sid)));
+		return 0;
+	}
 	
-	ret = NT_STATUS_OK;
-
-done:
-	return ret;
+	return priv_mask;
 }
 
-/****************************************************************************
- initialise a privilege list
- ****************************************************************************/
-NTSTATUS init_privilege(PRIVILEGE_SET **priv_set)
-{
-	NTSTATUS ret;
-	TALLOC_CTX *mem_ctx = talloc_init("privilege set");
-	ALLOC_CHECK(mem_ctx, ret, done, "init_privilege");
-
-	*priv_set = TALLOC_ZERO_P(mem_ctx, PRIVILEGE_SET);
-	ALLOC_CHECK(*priv_set, ret, done, "init_privilege");
+/***************************************************************************
+ Store the privilege mask (set) for a given SID
+****************************************************************************/
 
-	(*priv_set)->mem_ctx = mem_ctx;
+static BOOL set_privileges( const DOM_SID *sid, uint32 mask )
+{
+	TDB_CONTEXT *tdb = get_account_pol_tdb();
+	fstring keystr;
+	
+	if ( !tdb )
+		return False;
 
-	ret = NT_STATUS_OK;
+	fstr_sprintf( keystr, "%s%s", PRIVPREFIX, sid_string_static(sid) );
 
-done:
-	return ret;
+	return tdb_store_uint32( tdb, keystr, mask );
 }
 
-NTSTATUS init_priv_with_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET **priv_set)
+/****************************************************************************
+ check if the privilege is in the privilege list
+****************************************************************************/
+
+static BOOL check_priv_in_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
 {
-	NTSTATUS ret;
+	int i;
 
-	*priv_set = TALLOC_ZERO_P(mem_ctx, PRIVILEGE_SET);
-	ALLOC_CHECK(*priv_set, ret, done, "init_privilege");
+	if ( !priv_set )
+		return False;
 
-	(*priv_set)->mem_ctx = mem_ctx;
-	(*priv_set)->ext_ctx = True;
+	for ( i = 0; i < priv_set->count; i++ ) {
+		LUID_ATTR *cur_set;
 
-	ret = NT_STATUS_OK;
+		cur_set = &priv_set->set[i];
 
-done:
-	return ret;
-}
+		/* check only the low and high part. Checking the attr 
+		   field has no meaning */
 
-void reset_privilege(PRIVILEGE_SET *priv_set)
-{
-	priv_set->count = 0;
-	priv_set->control = 0;
-	priv_set->set = NULL;
-}
+		if ( (cur_set->luid.low == set.luid.low) 
+			&& (cur_set->luid.high == set.luid.high) ) 
+		{
+			return True;
+		}
+	}
 
-void destroy_privilege(PRIVILEGE_SET **priv_set)
-{
-	reset_privilege(*priv_set);
-	if (!((*priv_set)->ext_ctx))
-		/* mem_ctx is local, destroy it */
-		talloc_destroy((*priv_set)->mem_ctx);
-	*priv_set = NULL;
+	return False;
 }
 
 /****************************************************************************
  add a privilege to a privilege array
  ****************************************************************************/
-NTSTATUS add_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
+
+static NTSTATUS add_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
 {
 	NTSTATUS ret;
 	LUID_ATTR *new_set;
 
 	/* check if the privilege is not already in the list */
-	if (NT_STATUS_IS_OK(check_priv_in_privilege(priv_set, set)))
-		return NT_STATUS_UNSUCCESSFUL;
+
+	if ( check_priv_in_privilege(priv_set, set) )
+		return NT_STATUS_OK;
 
 	/* we can allocate memory to add the new privilege */
 
@@ -170,132 +185,222 @@ done:
 	return ret;
 }
 
-/****************************************************************************
- add all the privileges to a privilege array
- ****************************************************************************/
-NTSTATUS add_all_privilege(PRIVILEGE_SET *priv_set)
+/*********************************************************************
+ Generate the LUID_ATTR structure based on a bitmask
+*********************************************************************/
+
+static LUID_ATTR get_privilege_luid( uint32 mask )
 {
-	NTSTATUS result = NT_STATUS_OK;
-	LUID_ATTR set;
+	LUID_ATTR priv_luid;
+
+	priv_luid.attr = 0;
+	priv_luid.luid.high = 0;
+	priv_luid.luid.low = mask;
+
+	return priv_luid;
+}
 
-	set.attr = 0;
-	set.luid.high = 0;
+/*********************************************************************
+ Convert a privilege mask to an LUID_ATTR[] and add the privileges to 
+ the PRIVILEGE_SET
+*********************************************************************/
 
-	/* TODO: set a proper list of privileges */
-	set.luid.low = SE_PRIV_ADD_USERS;
-	result = add_privilege(priv_set, set);
-	NTSTATUS_CHECK(result, done, "add_all_privilege", "add_privilege");
+static void add_privilege_set( PRIVILEGE_SET *privset, uint32 mask )
+{
+	LUID_ATTR luid;
+	int i;
+	
+	for (i=0; privs[i].se_priv != SE_END; i++) {
 
-	set.luid.low = SE_PRIV_ADD_MACHINES;
-	result = add_privilege(priv_set, set);
-	NTSTATUS_CHECK(result, done, "add_all_privilege", "add_privilege");
+		/* skip if the privilege is not part of the mask */
 
-	set.luid.low = SE_PRIV_PRINT_OPERATOR;
-	result = add_privilege(priv_set, set);
-	NTSTATUS_CHECK(result, done, "add_all_privilege", "add_privilege");
+		if ( !(mask & privs[i].se_priv) ) 
+			continue;
 
-	return result;
+		/* remove the bit from the mask */
+
+		mask &= ~privs[i].se_priv;	
+		
+		luid = get_privilege_luid( privs[i].se_priv );
+		
+		add_privilege( privset, luid );
+	}
+
+	/* log an error if we have anything left at this point */
+	if ( mask )
+		DEBUG(0,("add_privilege_set: leftover bits! [0x%x]\n", mask ));
 }
 
-/****************************************************************************
- check if the privilege list is empty
- ****************************************************************************/
-NTSTATUS check_empty_privilege(PRIVILEGE_SET *priv_set)
+/*********************************************************************
+ get a list of all privleges for all sids the in list
+*********************************************************************/
+
+void get_privileges_for_sids(PRIVILEGE_SET *privset, DOM_SID *slist, int scount)
 {
-	if (!priv_set)
-		return NT_STATUS_INVALID_PARAMETER;
+	uint32 priv_mask;
+	int i;
+	
+	for ( i=0; i<scount; i++ ) {
+		priv_mask = get_privileges( &slist[i] );
 
-	if (priv_set->count == 0)
-		return NT_STATUS_OK;
+		/* don't add unless we actually have a privilege assigned */
 
-	return NT_STATUS_UNSUCCESSFUL;
+		if ( priv_mask == 0 )
+			continue;
+		
+		DEBUG(5,("get_privileges_for_sids: sid = %s, privilege mask = 0x%x\n",
+			sid_string_static(&slist[i]), priv_mask));
+			
+		add_privilege_set( privset, priv_mask );
+	}
 }
 
-/****************************************************************************
- check if the privilege is in the privilege list
- ****************************************************************************/
-NTSTATUS check_priv_in_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
+
+/*********************************************************************
+ travseral functions for privilege_enumerate_accounts
+*********************************************************************/
+
+static int priv_traverse_fn(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, void *state)
 {
-	int i;
+	PRIV_SID_LIST *priv = state;
+	int  prefixlen = strlen(PRIVPREFIX);
+	DOM_SID sid;
+	fstring sid_string;
 
-	if (!priv_set)
-		return NT_STATUS_INVALID_PARAMETER;
+	/* check we have a PRIV_+SID entry */
 
-	/* if the list is empty, obviously we can't have it */
-	if (NT_STATUS_IS_OK(check_empty_privilege(priv_set)))
-		return NT_STATUS_UNSUCCESSFUL;
+	if ( strncmp(key.dptr, PRIVPREFIX, prefixlen) != 0)
+		return 0;
+		
+	/* check to see if we are looking for a particular privilege */
 
-	for (i = 0; i < priv_set->count; i++) {
-		LUID_ATTR *cur_set;
+	if ( priv->se_priv != SE_NONE ) {
+		uint32 mask = SVAL(data.dptr, 0);
+		
+		/* if the SID does not have the specified privilege 
+		   then just return */
+		   
+		if ( !(mask & priv->se_priv) )
+			return 0;
+	}
+		
+	fstrcpy( sid_string, &key.dptr[strlen(PRIVPREFIX)] );
 
-		cur_set = &priv_set->set[i];
-		/* check only the low and high part. Checking the attr field has no meaning */
-		if (	(cur_set->luid.low == set.luid.low) &&
-			(cur_set->luid.high == set.luid.high)	) {
-			return NT_STATUS_OK;
-		}
+	if ( !string_to_sid(&sid, sid_string) ) {
+		DEBUG(0,("travsersal_fn_enum__acct: Could not convert SID [%s]\n",
+			sid_string));
+		return 0;
 	}
 
-	return NT_STATUS_UNSUCCESSFUL;
+	add_sid_to_array( &sid, &priv->sids.list, &priv->sids.count );
+	
+	return 0;
 }
 
-/****************************************************************************
- remove a privilege from a privilege array
- ****************************************************************************/
-NTSTATUS remove_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
+/*********************************************************************
+ Retreive list of privileged SIDs (for _lsa_enumerate_accounts()
+*********************************************************************/
+
+NTSTATUS privilege_enumerate_accounts(DOM_SID **sids, int *num_sids)
 {
-	NTSTATUS ret;
-	LUID_ATTR *new_set;
-	LUID_ATTR *old_set;
-	int i,j;
+	TDB_CONTEXT *tdb = get_account_pol_tdb();
+	PRIV_SID_LIST priv;
+	
+	ZERO_STRUCT(priv);
+	priv.se_priv = SE_NONE;
 
-	if (!priv_set)
-		return NT_STATUS_INVALID_PARAMETER;
+	tdb_traverse( tdb, priv_traverse_fn, &priv);
 
-	/* check if the privilege is in the list */
-	if (!NT_STATUS_IS_OK(check_priv_in_privilege(priv_set, set)))
-		return NT_STATUS_UNSUCCESSFUL;
+	/* give the memory away; caller will free */
+	
+	*sids      = priv.sids.list;
+	*num_sids  = priv.sids.count;
 
-	/* special case if it's the only privilege in the list */
-	if (priv_set->count == 1) {
-		reset_privilege(priv_set);	
-		return NT_STATUS_OK;
-	}
+	return NT_STATUS_OK;
+}
+
+/***************************************************************************
+ Retrieve the SIDs assigned to a given privilege
+****************************************************************************/
 
-	/* 
-	 * the privilege is there, create a new list,
-	 * and copy the other privileges
-	 */
+NTSTATUS priv_get_sids(const char *privname, DOM_SID **sids, int *num_sids)
+{
+	TDB_CONTEXT *tdb = get_account_pol_tdb();
+	PRIV_SID_LIST priv;
+	
+	ZERO_STRUCT(priv);	
+	priv.se_priv = 
+	
 
-	old_set = priv_set->set;
+	tdb_traverse( tdb, priv_traverse_fn, &priv);
 
-	new_set = TALLOC_ARRAY(priv_set->mem_ctx, LUID_ATTR, priv_set->count - 1);
-	ALLOC_CHECK(new_set, ret, done, "remove_privilege");
+	/* give the memory away; caller will free */
+	
+	*sids      = priv.sids.list;
+	*num_sids  = priv.sids.count;
 
-	for (i=0, j=0; i < priv_set->count; i++) {
-		if (	(old_set[i].luid.low == set.luid.low) && 
-			(old_set[i].luid.high == set.luid.high)	) {
-		    	continue;
-		}
-		
-		new_set[j].luid.low = old_set[i].luid.low;
-		new_set[j].luid.high = old_set[i].luid.high;
-		new_set[j].attr = old_set[i].attr;
+	return NT_STATUS_OK;
+}
 
-		j++;
-	}
+/***************************************************************************
+ Add privilege to sid
+****************************************************************************/
+
+BOOL grant_privilege(const DOM_SID *sid, uint32 priv_mask)
+{
+	uint32 old_mask, new_mask;
 	
-	if (j != priv_set->count - 1) {
-		DEBUG(0,("remove_privilege: mismatch ! difference is not -1\n"));
-		DEBUGADD(0,("old count:%d, new count:%d\n", priv_set->count, j));
-		return NT_STATUS_INTERNAL_ERROR;
-	}
-		
-	/* ok everything is fine */
+	old_mask = get_privileges( sid );
 	
-	priv_set->count--;
-	priv_set->set = new_set;
+	new_mask = old_mask | priv_mask;
+
+	DEBUG(10,("grant_privilege: %s, orig priv set = 0x%x, new privilege set = 0x%x\n",
+		sid_string_static(sid), old_mask, new_mask ));
 	
+	return set_privileges( sid, new_mask );
+}
+
+/***************************************************************************
+ Remove privilege from sid
+****************************************************************************/
+
+BOOL revoke_privilege(const DOM_SID *sid, uint32 priv_mask)
+{
+	uint32 old_mask, new_mask;
+	
+	old_mask = get_privileges( sid );
+	
+	new_mask = old_mask & ~priv_mask;
+
+        DEBUG(10,("revoke_privilege: %s, orig priv set = 0x%x, new priv set = 0x%x\n",
+                sid_string_static(sid), old_mask, new_mask ));
+	
+	return set_privileges( sid, new_mask );
+}
+
+/***************************************************************************
+ Retrieve the SIDs assigned to a given privilege
+****************************************************************************/
+
+NTSTATUS privilege_create_account(const DOM_SID *sid )
+{
+	return ( grant_privilege( sid, SE_NONE ) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
+}
+
+/****************************************************************************
+ initialise a privilege list and set the talloc context 
+ ****************************************************************************/
+NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set)
+{
+	NTSTATUS ret;
+	
+	ZERO_STRUCTP( priv_set );
+
+	TALLOC_CTX *mem_ctx = talloc_init("privilege set");
+	ALLOC_CHECK(mem_ctx, ret, done, "init_privilege");
+
+	priv_set->mem_ctx = mem_ctx;
+
 	ret = NT_STATUS_OK;
 
 done:
@@ -303,48 +408,154 @@ done:
 }
 
 /****************************************************************************
- duplicates a privilege array
- the new privilege set must be passed inited
- (use init_privilege or init_priv_with_ctx)
+  initialise a privilege list and with someone else's talloc context 
+****************************************************************************/
+
+NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set)
+{
+	ZERO_STRUCTP( priv_set );
+	
+	priv_set->mem_ctx = mem_ctx;
+	priv_set->ext_ctx = True;
+
+	return NT_STATUS_OK;
+}
+
+/****************************************************************************
+ Free all memory used by a PRIVILEGE_SET
+****************************************************************************/
+
+void privilege_set_free(PRIVILEGE_SET *priv_set)
+{
+	if ( !priv_set )
+		return;
+
+	if ( !( priv_set->ext_ctx ) )
+		talloc_destroy( priv_set->mem_ctx );
+
+	ZERO_STRUCTP( priv_set );
+}
+
+/****************************************************************************
+ duplicate alloc luid_attr
  ****************************************************************************/
-NTSTATUS dup_priv_set(PRIVILEGE_SET *new_priv_set, PRIVILEGE_SET *priv_set)
+
+NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_la, int count)
 {
 	NTSTATUS ret;
-	LUID_ATTR *new_set;
-	LUID_ATTR *old_set;
 	int i;
 
-	if (!new_priv_set || !priv_set)
-		return NT_STATUS_INVALID_PARAMETER;
+	/* don't crash if the source pointer is NULL (since we don't
+	   do priviledges now anyways) */
 
-	/* special case if there are no privileges in the list */
-	if (priv_set->count == 0) {
+	if ( !old_la )
 		return NT_STATUS_OK;
-	}
-
-	/* 
-	 * create a new list,
-	 * and copy the other privileges
-	 */
 
-	old_set = priv_set->set;
-
-	new_set = TALLOC_ARRAY(new_priv_set->mem_ctx, LUID_ATTR, priv_set->count - 1);
-	ALLOC_CHECK(new_set, ret, done, "dup_priv_set");
+	*new_la = TALLOC_ARRAY(mem_ctx, LUID_ATTR, count);
+	ALLOC_CHECK(new_la, ret, done, "dupalloc_luid_attr");
 
-	for (i=0; i < priv_set->count; i++) {
-		
-		new_set[i].luid.low = old_set[i].luid.low;
-		new_set[i].luid.high = old_set[i].luid.high;
-		new_set[i].attr = old_set[i].attr;
+	for (i=0; i<count; i++) {
+		(*new_la)[i].luid.high = old_la[i].luid.high;
+		(*new_la)[i].luid.low = old_la[i].luid.low;
+		(*new_la)[i].attr = old_la[i].attr;
 	}
-			
-	new_priv_set->count = priv_set->count;
-	new_priv_set->control = priv_set->control;
-	new_priv_set->set = new_set;
 	
 	ret = NT_STATUS_OK;
 
 done:
 	return ret;
 }
+
+/****************************************************************************
+ Performa deep copy of a PRIVILEGE_SET structure.  Assumes an initialized 
+ destination structure.
+*****************************************************************************/
+
+BOOL dup_privilege_set( PRIVILEGE_SET *dest, PRIVILEGE_SET *src )
+{
+	NTSTATUS result;
+	
+	if ( !dest || !src )
+		return False;
+
+	result = dup_luid_attr( dest->mem_ctx, &dest->set, src->set, src->count );
+	if ( !NT_STATUS_IS_OK(result) ) {
+		DEBUG(0,("dup_privilege_set: Failed to dup LUID_ATTR array [%s]\n", 
+			nt_errstr(result) ));
+		return False;
+	}
+	
+	dest->control  = src->control;
+	dest->count    = src->count;
+
+	return True;
+}
+
+/****************************************************************************
+ Does the user have the specified privilege ?  We only deal with one privilege
+ at a time here.
+*****************************************************************************/
+
+BOOL user_has_privilege(NT_USER_TOKEN *token, uint32 privilege)
+{
+	return check_priv_in_privilege( &token->privileges, get_privilege_luid(privilege) );
+}
+
+/****************************************************************************
+ Convert a LUID to a named string
+****************************************************************************/
+
+char* luid_to_privilege_name(const LUID *set)
+{
+	static fstring name;
+	int i = 0;
+
+	if (set->high != 0)
+		return NULL;
+
+	for ( i=0; privs[i].se_priv!=SE_END; i++ ) {
+		if (set->low == privs[i].se_priv) {
+			fstrcpy(name, privs[i].name);
+			return name;
+		}
+	}
+
+	return NULL;
+}
+
+/****************************************************************************
+ Convert an LUID to a 32-bit mask
+****************************************************************************/
+
+uint32 luid_to_privilege_mask(const LUID *set)
+{
+	int i = 0;
+
+	if (set->high != 0)
+		return SE_END;
+
+	for ( i=0; privs[i].se_priv != SE_END; i++ ) {
+		if (set->low == privs[i].se_priv)
+			return privs[i].se_priv;
+	}
+
+	return SE_END;
+}
+
+/*******************************************************************
+ return the number of elements in the privlege array
+*******************************************************************/
+
+int count_all_privileges( void )
+{
+	static int count;
+	
+	if ( count )
+		return count;
+
+	/* loop over the array and count it */	
+	for ( count=0; privs[count].se_priv != SE_END; count++ ) ;
+
+	return count;
+}
+
author	Gerald Carter <jerry@samba.org>	2005-01-13 18:20:37 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 10:53:51 -0500
commit	d94d87472ca2f3875caa146424caa178ce20274f (patch)
tree	a4c6f78f7b22c649b7d9405aa27f64daf749c1fb /source3/lib/privileges.c
parent	94b88f8f26342b6ca4afecec459235c523355f6c (diff)
download	samba-d94d87472ca2f3875caa146424caa178ce20274f.tar.gz samba-d94d87472ca2f3875caa146424caa178ce20274f.tar.bz2 samba-d94d87472ca2f3875caa146424caa178ce20274f.zip