diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-08-30 15:38:18 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-11 18:46:11 +1000 |
commit | 9883993b66826d2f692ebdd3c928f4f7a0cddc7d (patch) | |
tree | 7b7e52da490f28770e18d3e051c189efda748957 /source3/lib | |
parent | ad5ec58a714aba1f6c0894ca4e7207f1c5072949 (diff) | |
download | samba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.tar.gz samba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.tar.bz2 samba-9883993b66826d2f692ebdd3c928f4f7a0cddc7d.zip |
s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap
This avoids us dealing with the privilege bitmap in the LSA server, and
overhauls much of the rest of the handling to be currnet with the modern
world of talloc.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/privileges.c | 67 |
1 files changed, 17 insertions, 50 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 181ea5c986..31b0e7dc55 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -149,6 +149,23 @@ bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int sc return found; } +NTSTATUS get_privileges_for_sid_as_set(TALLOC_CTX *mem_ctx, PRIVILEGE_SET **privileges, struct dom_sid *sid) +{ + uint64_t mask; + if (!get_privileges(sid, &mask)) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + + *privileges = talloc_zero(mem_ctx, PRIVILEGE_SET); + if (!*privileges) { + return NT_STATUS_NO_MEMORY; + } + + if (!se_priv_to_privilege_set(*privileges, mask)) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_OK; +} /********************************************************************* traversal functions for privilege_enumerate_accounts @@ -435,56 +452,6 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid) } /**************************************************************************** - initialise a privilege list and set the talloc context - ****************************************************************************/ - -NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set) -{ - TALLOC_CTX *mem_ctx; - - ZERO_STRUCTP( priv_set ); - - mem_ctx = talloc_init("privilege set"); - if ( !mem_ctx ) { - DEBUG(0,("privilege_set_init: failed to initialize talloc ctx!\n")); - return NT_STATUS_NO_MEMORY; - } - - priv_set->mem_ctx = mem_ctx; - - return NT_STATUS_OK; -} - -/**************************************************************************** - initialise a privilege list and with someone else's talloc context -****************************************************************************/ - -NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set) -{ - ZERO_STRUCTP( priv_set ); - - priv_set->mem_ctx = mem_ctx; - priv_set->ext_ctx = True; - - return NT_STATUS_OK; -} - -/**************************************************************************** - Free all memory used by a PRIVILEGE_SET -****************************************************************************/ - -void privilege_set_free(PRIVILEGE_SET *priv_set) -{ - if ( !priv_set ) - return; - - if ( !( priv_set->ext_ctx ) ) - talloc_destroy( priv_set->mem_ctx ); - - ZERO_STRUCTP( priv_set ); -} - -/**************************************************************************** duplicate alloc luid_attr ****************************************************************************/ |