Ok, this patch removes the privilege stuff we had in, unused, for some time.

The code was nice, but put in the wrong place (group mapping) and not
supported by most of the code, thus useless.

We will put back most of the code when our infrastructure will be changed
so that privileges actually really make sense to be set.

This is a first patch of a set to enhance all our mapping code cleaness and
stability towards a sane next beta for 3.0 code base

Simo.
(This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e)

4 files changed, 13 insertions, 44 deletions

diff --git a/source3/utils/net.c b/source3/utils/net.c
index 2b1609e225..0f43c4aad3 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -595,7 +595,7 @@ static uint32 get_maxrid(void)
 	pdb_free_sam(&pwd);
 
 	if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries,
-				    ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
+				    ENUM_ONLY_MAPPED))
 		return max_rid;
 
 	for (i = 0; i < num_entries; i++) {
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index 905fdf6287..fd6e4aef59 100644
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -65,7 +65,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input)
 
 	if (StrnCaseCmp( input, "S-", 2)) {
 		/* Perhaps its the NT group name? */
-		if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) {
+		if (!pdb_getgrnam(&map, input)) {
 			printf("NT Group %s doesn't exist in mapping DB\n", input);
 			return False;
 		} else {
@@ -88,11 +88,9 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list )
 {
 	fstring string_sid;
 	fstring group_type;
-	fstring priv_text;
 	
 	decode_sid_name_use(group_type, map.sid_name_use);
 	sid_to_string(string_sid, &map.sid);
-	convert_priv_to_text(&(map.priv_set), priv_text);
 		
 	if (!long_list)
 		d_printf("%s (%s) -> %s\n", map.nt_name, string_sid, gidtoname(map.gid));
@@ -102,7 +100,6 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list )
 		d_printf("\tUnix group: %s\n", gidtoname(map.gid));
 		d_printf("\tGroup type: %s\n", group_type);
 		d_printf("\tComment   : %s\n", map.comment);
-		d_printf("\tPrivilege : %s\n\n", priv_text);
 	}
 
 }
@@ -155,23 +152,21 @@ int net_groupmap_list(int argc, const char **argv)
 		}
 
 		/* Get the current mapping from the database */
-		if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) {
+		if(!pdb_getgrsid(&map, sid)) {
 			d_printf("Failure to local group SID in the database\n");
 			return -1;
 		}
 	
 		print_map_entry( map, long_list );
-		free_privilege(&(map.priv_set));	
 	}
 	else {
 		GROUP_MAP *map=NULL;
 		/* enumerate all group mappings */
-		if ( !pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV) )
+		if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))
 			return -1;
 	
 		for (i=0; i<entries; i++) {
 			print_map_entry( map[i], long_list );
-			free_privilege(&(map[i].priv_set));
 		}
 	}
 
@@ -184,7 +179,6 @@ int net_groupmap_list(int argc, const char **argv)
 
 int net_groupmap_add(int argc, const char **argv)
 {
-	PRIVILEGE_SET se_priv;
 	DOM_SID sid;
 	fstring ntgroup = "";
 	fstring unixgrp = "";
@@ -280,20 +274,11 @@ int net_groupmap_add(int argc, const char **argv)
 		fstrcpy( ntgroup, unixgrp );
 		
 	
-	init_privilege(&se_priv);
-#if 0
-	if (privilege!=NULL)
-		convert_priv_from_text(&se_priv, privilege);
-#endif
-
-	if (!add_initial_entry(gid, string_sid, sid_type, ntgroup,
-			      ntcomment, se_priv, PR_ACCESS_FROM_NETWORK) ) {
+	if (!add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment)) {
 		d_printf("adding entry for group %s failed!\n", ntgroup);
 		return -1;
 	}
 
-	free_privilege(&se_priv);
-		
 	d_printf("Successully added group %s to the mapping db\n", ntgroup);
 	return 0;
 }
@@ -381,7 +366,7 @@ int net_groupmap_modify(int argc, const char **argv)
 	}	
 
 	/* Get the current mapping from the database */
-	if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) {
+	if(!pdb_getgrsid(&map, sid)) {
 		d_printf("Failure to local group SID in the database\n");
 		return -1;
 	}
@@ -390,9 +375,8 @@ int net_groupmap_modify(int argc, const char **argv)
 	 * Allow changing of group type only between domain and local
 	 * We disallow changing Builtin groups !!! (SID problem)
 	 */ 
-	if ( sid_type != SID_NAME_UNKNOWN ) 
-	{ 
-		if ( map.sid_name_use == SID_NAME_WKN_GRP ) {
+	if (sid_type != SID_NAME_UNKNOWN) { 
+		if (map.sid_name_use == SID_NAME_WKN_GRP) {
 			d_printf("You can only change between domain and local groups.\n");
 			return -1;
 		}
@@ -418,20 +402,11 @@ int net_groupmap_modify(int argc, const char **argv)
 		map.gid = gid;
 	}
 
-#if 0
-	/* Change the privilege if new one */
-	if (privilege!=NULL)
-		convert_priv_from_text(&map.priv_set, privilege);
-#endif
-
 	if ( !pdb_update_group_mapping_entry(&map) ) {
 		d_printf("Could not update group database\n");
-		free_privilege(&map.priv_set);
 		return -1;
 	}
 	
-	free_privilege(&map.priv_set);
-	
 	d_printf("Updated mapping entry for %s\n", ntgroup);
 
 	return 0;
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 72231fd527..ada2d274ba 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -460,7 +460,7 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
 
 	sid = *pdb_get_group_sid(sam_account);
 
-	if (!pdb_getgrsid(&map, sid, False)) {
+	if (!pdb_getgrsid(&map, sid)) {
 		DEBUG(0, ("Primary group of %s has no mapping!\n",
 			  pdb_get_username(sam_account)));
 		pdb_free_sam(&sam_account);
@@ -518,7 +518,7 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta)
 	sid_append_rid(&group_sid, rid);
 	sid_to_string(sid_string, &group_sid);
 
-	if (pdb_getgrsid(&map, group_sid, False)) {
+	if (pdb_getgrsid(&map, group_sid)) {
 		grp = getgrgid(map.gid);
 		insert = False;
 	}
@@ -544,9 +544,6 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta)
 	fstrcpy(map.nt_name, name);
 	fstrcpy(map.comment, comment);
 
-	map.priv_set.count = 0;
-	map.priv_set.set = NULL;
-
 	if (insert)
 		pdb_add_group_mapping_entry(&map);
 	else
@@ -573,7 +570,7 @@ fetch_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *delta)
 	sid_copy(&group_sid, get_global_sam_sid());
 	sid_append_rid(&group_sid, rid);
 
-	if (!get_domain_group_from_sid(group_sid, &map, False)) {
+	if (!get_domain_group_from_sid(group_sid, &map)) {
 		DEBUG(0, ("Could not find global group %d\n", rid));
 		return NT_STATUS_NO_SUCH_GROUP;
 	}
@@ -698,7 +695,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta,
 	sid_append_rid(&alias_sid, rid);
 	sid_to_string(sid_string, &alias_sid);
 
-	if (pdb_getgrsid(&map, alias_sid, False)) {
+	if (pdb_getgrsid(&map, alias_sid)) {
 		grp = getgrgid(map.gid);
 		insert = False;
 	}
@@ -728,9 +725,6 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta,
 	fstrcpy(map.nt_name, name);
 	fstrcpy(map.comment, comment);
 
-	map.priv_set.count = 0;
-	map.priv_set.set = NULL;
-
 	if (insert)
 		pdb_add_group_mapping_entry(&map);
 	else
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index d540bf42de..571775a741 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -91,7 +91,7 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) {
 
 	if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN,
 							&maps, &entries,
-							False, False))) {
+							False))) {
 		fprintf(stderr, "Can't get group mappings!\n");
 		return 1;
 	}