summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-12-11 13:19:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:07:19 -0500
commitadbdb055ee08b0aede06ecec34157ecf4f22c9de (patch)
treeb2138f42ba6e435e704a31c63ce39a8fa7ca2750 /source4/auth
parent02a9aa08923e348af2cda9829b64a5f98282164d (diff)
downloadsamba-adbdb055ee08b0aede06ecec34157ecf4f22c9de.tar.gz
samba-adbdb055ee08b0aede06ecec34157ecf4f22c9de.tar.bz2
samba-adbdb055ee08b0aede06ecec34157ecf4f22c9de.zip
r4151: added privilege attribute handling on samdb.
pvfs will now honor some privileges on ACLs, and it will be quite easy to add the checks for more privileges in the necessary places, by making calls to sec_privilege_check(). (This used to be commit 3549039d0fbc54f87ae679e7288b82b28713e487)
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth_util.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 4a60c3f847..2b6d5324ee 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -353,6 +353,7 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
{
struct security_token *ptoken;
int i;
+ NTSTATUS status;
ptoken = security_token_initialise(mem_ctx);
if (ptoken == NULL) {
@@ -397,6 +398,13 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
ptoken->sids[ptoken->num_sids++] = groupSIDs[i];
}
}
+
+ /* setup the privilege mask for this token */
+ status = samdb_privilege_setup(ptoken);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(ptoken);
+ return status;
+ }
debug_security_token(DBGC_AUTH, 10, ptoken);