diff options
| author | Jeremy Allison <jra@samba.org> | 2008-10-09 09:49:03 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2008-10-09 09:49:03 -0700 |
| commit | e5692d4cbe70dc4f2aba88db4fa3b68c572c6142 (patch) | |
| tree | f67b14c975fbf018ac4bbaf947230b95c077a8ed /source3/rpc_server | |
| parent | 45b359a77f006a366837efa3ad51570942bc4faa (diff) | |
| download | samba-e5692d4cbe70dc4f2aba88db4fa3b68c572c6142.tar.gz samba-e5692d4cbe70dc4f2aba88db4fa3b68c572c6142.tar.bz2 samba-e5692d4cbe70dc4f2aba88db4fa3b68c572c6142.zip | |
Remove SEC_ACCESS. It's a uint32_t.
Jeremy.
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 10 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 19 | ||||
| -rw-r--r-- | source3/rpc_server/srv_svcctl_nt.c | 9 |
3 files changed, 16 insertions, 22 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 94517f3478..0e9d121242 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -290,22 +290,18 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s DOM_SID adm_sid; SEC_ACE ace[3]; - SEC_ACCESS mask; SEC_ACL *psa = NULL; - init_sec_access(&mask, LSA_POLICY_EXECUTE); - init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_EXECUTE, 0); sid_copy(&adm_sid, get_global_sam_sid()); sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS); - init_sec_access(&mask, LSA_POLICY_ALL_ACCESS); - init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_ALL_ACCESS, 0); sid_copy(&local_adm_sid, &global_sid_Builtin); sid_append_rid(&local_adm_sid, BUILTIN_ALIAS_RID_ADMINS); - init_sec_access(&mask, LSA_POLICY_ALL_ACCESS); - init_sec_ace(&ace[2], &local_adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &local_adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, LSA_POLICY_ALL_ACCESS, 0); if((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 3, ace)) == NULL) return NT_STATUS_NO_MEMORY; diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 1b1e98c049..6455f02374 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -113,36 +113,35 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd { DOM_SID domadmin_sid; SEC_ACE ace[5]; /* at most 5 entries */ - SEC_ACCESS mask; size_t i = 0; SEC_ACL *psa = NULL; /* basic access for Everyone */ - init_sec_access(&mask, map->generic_execute | map->generic_read ); - init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, + map->generic_execute | map->generic_read, 0); /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */ - init_sec_access(&mask, map->generic_all); - - init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); /* Add Full Access for Domain Admins if we are a DC */ if ( IS_DC ) { sid_copy( &domadmin_sid, get_global_sam_sid() ); sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); - init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &domadmin_sid, + SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0); } /* if we have a sid, give it some special access */ if ( sid ) { - init_sec_access( &mask, sid_access ); - init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sid_access, 0); } /* create the security descriptor */ diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 6bb538a311..a57d0ff4a4 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -140,7 +140,6 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token, static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) { SEC_ACE ace[2]; - SEC_ACCESS mask; size_t i = 0; SEC_DESC *sd; SEC_ACL *acl; @@ -148,13 +147,13 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) /* basic access for Everyone */ - init_sec_access(&mask, SC_MANAGER_READ_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_World, + SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_READ_ACCESS, 0); /* Full Access 'BUILTIN\Administrators' */ - init_sec_access(&mask,SC_MANAGER_ALL_ACCESS ); - init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, + SEC_ACE_TYPE_ACCESS_ALLOWED, SC_MANAGER_ALL_ACCESS, 0); /* create the security descriptor */ |