diff options
| author | Simo Sorce <idra@samba.org> | 2002-10-06 23:53:34 +0000 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2002-10-06 23:53:34 +0000 |
| commit | 650e0274a1ea98a953b2e6f44e7e8e880d418565 (patch) | |
| tree | 0609f985d0cf4b44c5f9012ffaedc5977c0c2ce8 /source3/lib | |
| parent | 76d111aed1dc6457e98ef4193a44360c8ae769bc (diff) | |
| download | samba-650e0274a1ea98a953b2e6f44e7e8e880d418565.tar.gz samba-650e0274a1ea98a953b2e6f44e7e8e880d418565.tar.bz2 samba-650e0274a1ea98a953b2e6f44e7e8e880d418565.zip | |
try to put every security descriptors related definitions in the same file.
also try to uniform names to a clean scheme.
first part.
(This used to be commit a123e05877caf90c28980be2d84b1d0b46e4fd21)
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/util_seaccess.c | 4 | ||||
| -rw-r--r-- | source3/lib/util_sid.c | 40 |
2 files changed, 30 insertions, 14 deletions
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 456d7ba9e2..21d7fe8599 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -468,11 +468,11 @@ NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); /*basic access for every one*/ - init_sec_access(&mask, SAMR_EXECUTE | SAMR_READ); + init_sec_access(&mask, GENERIC_RIGHTS_SAM_EXECUTE | GENERIC_RIGHTS_SAM_READ); init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); /*full access for builtin aliases Administrators and Account Operators*/ - init_sec_access(&mask, SAMR_ALL_ACCESS); + init_sec_access(&mask, GENERIC_RIGHTS_SAM_ALL_ACCESS); init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 1439471f64..c5b4a143ea 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -5,6 +5,7 @@ Copyright (C) Luke Kenneth Caseson Leighton 1998-1999 Copyright (C) Jeremy Allison 1999 Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Simo Sorce 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -37,16 +38,23 @@ DOM_SID global_sid_NT_Authority; /* NT Authority */ DOM_SID global_sid_System; /* System */ DOM_SID global_sid_NULL; /* NULL sid */ DOM_SID global_sid_Authenticated_Users; /* All authenticated rids */ -DOM_SID global_sid_Network; /* Network rids */ +DOM_SID global_sid_Network; /* Network rids */ -static DOM_SID global_sid_Creator_Owner; /* Creator Owner */ -static DOM_SID global_sid_Creator_Group; /* Creator Group */ -static DOM_SID global_sid_Anonymous; /* Anonymous login */ +static DOM_SID global_sid_Creator_Owner; /* Creator Owner */ +static DOM_SID global_sid_Creator_Group; /* Creator Group */ +static DOM_SID global_sid_Anonymous; /* Anonymous login */ + +DOM_SID global_sid_Builtin; /* Local well-known domain */ +DOM_SID global_sid_Builtin_Administrators; /* Builtin administrators */ +DOM_SID global_sid_Builtin_Users; /* Builtin users */ +DOM_SID global_sid_Builtin_Guests; /* Builtin guest users */ +DOM_SID global_sid_Builtin_Power_Users; /* Builtin power users */ +DOM_SID global_sid_Builtin_Account_Operators; /* Builtin account operators */ +DOM_SID global_sid_Builtin_Server_Operators; /* Builtin server operators */ +DOM_SID global_sid_Builtin_Print_Operators; /* Builtin print operators */ +DOM_SID global_sid_Builtin_Backup_Operators; /* Builtin backup operators */ +DOM_SID global_sid_Builtin_Replicator; /* Builtin replicator */ -DOM_SID global_sid_Builtin; /* Local well-known domain */ -DOM_SID global_sid_Builtin_Administrators; -DOM_SID global_sid_Builtin_Users; -DOM_SID global_sid_Builtin_Guests; /* Builtin guest users */ /* * An NT compatible anonymous token. @@ -112,10 +120,6 @@ void generate_wellknown_sids(void) if (initialised) return; - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - string_to_sid(&global_sid_Builtin_Administrators, "S-1-5-32-544"); - string_to_sid(&global_sid_Builtin_Users, "S-1-5-32-545"); - string_to_sid(&global_sid_Builtin_Guests, "S-1-5-32-546"); string_to_sid(&global_sid_World_Domain, "S-1-1"); string_to_sid(&global_sid_World, "S-1-1-0"); string_to_sid(&global_sid_Creator_Owner_Domain, "S-1-3"); @@ -128,6 +132,18 @@ void generate_wellknown_sids(void) string_to_sid(&global_sid_Network, "S-1-5-2"); string_to_sid(&global_sid_Anonymous, "S-1-5-7"); + /* create well known builtin SIDs */ + string_to_sid(&global_sid_Builtin, "S-1-5-32"); + string_to_sid(&global_sid_Builtin_Administrators, "S-1-5-32-544"); + string_to_sid(&global_sid_Builtin_Users, "S-1-5-32-545"); + string_to_sid(&global_sid_Builtin_Guests, "S-1-5-32-546"); + string_to_sid(&global_sid_Builtin_Power_Users, "S-1-5-32-547"); + string_to_sid(&global_sid_Builtin_Account_Operators, "S-1-5-32-548"); + string_to_sid(&global_sid_Builtin_Server_Operators, "S-1-5-32-549"); + string_to_sid(&global_sid_Builtin_Print_Operators, "S-1-5-32-550"); + string_to_sid(&global_sid_Builtin_Backup_Operators, "S-1-5-32-551"); + string_to_sid(&global_sid_Builtin_Replicator, "S-1-5-32-552"); + /* Create the anon token. */ sid_copy( &anonymous_token.user_sids[0], &global_sid_World); sid_copy( &anonymous_token.user_sids[1], &global_sid_Network); |