summaryrefslogtreecommitdiff
path: root/libcli/security/privileges.c
AgeCommit message (Collapse)AuthorFilesLines
2010-12-02Turns out there are lots of places in S3 where token passed inJeremy Allison1-0/+4
here can be NULL (become_root() sets the current security token to NULL for example). Ensure we don't crash. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Dec 2 03:26:03 CET 2010 on sn-devel-104
2010-10-21Add code to implement SeSecurityPrivilege in net rpc rights, and in theJeremy Allison1-6/+3
open and get/set NT security descriptor code. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 21 00:15:57 UTC 2010 on sn-devel-104
2010-10-12libcli/security Add debug class to security_token_debug() et alAndrew Bartlett1-9/+11
This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett
2010-09-11libcli/privileges Fix commentAndrew Bartlett1-1/+1
2010-09-11s4-privs Seperate rights and privilegesAndrew Bartlett1-14/+51
These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett
2010-09-11libcli/security Move 'private' privileges functions to another headerAndrew Bartlett1-0/+1
These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove 'always true' return from se_priv_put_all_privilegesAndrew Bartlett1-2/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11privileges: privilege luids are not all below 64Andrew Tridgell1-3/+0
the ones brought across from s3 have higher values Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-11libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on ↵Andrew Bartlett1-1/+1
failure This is clearer and more consistent than using a magic -1 return Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Expose sec_privilege_mask()Andrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure.Andrew Bartlett1-1/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove unused functions and constants.Andrew Bartlett1-215/+14
All the callers to these functions have been removed or reworked. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Rename all privilege bitmaps constantsAndrew Bartlett1-28/+28
The idea here to to make it very clear how they differ from the enumerated LUID values. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Remove luid_to_se_priv() and luid_to_privilege_name()Andrew Bartlett1-43/+4
These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Improve dump of privileges: Just walk the tableAndrew Bartlett1-5/+4
This removes some logic recently added that was just too smart - it is easier to just walk the table and do a bit match here. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Remove pointer indirection from se_priv_to_privilege_set()Andrew Bartlett1-2/+2
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Don't export privs[] as a global variableAndrew Bartlett1-24/+19
Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Merge privilege lists from source3 and source4Andrew Bartlett1-169/+126
The LSA enumeration in source3 will not show the new privileges, but otherwise, they are now in common, and can be set by name. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Return number of entries in the old source3 listAndrew Bartlett1-3/+4
This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/privileges Simplify get_privilege_luid() to return just the enumAndrew Bartlett1-8/+3
As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Don't memcpy a uint64_t value, just assign it.Andrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Use ARRAY_SIZE() consistantly.Andrew Bartlett1-15/+16
This avoids the use of SE_END, and has all callers walking the array using the same termination condition. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Fix and clarify privilege manipulation function commentsAndrew Bartlett1-9/+9
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Make the two privileges tables share a common struct definitionAndrew Bartlett1-26/+21
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Move source4/ privileges code into the common libcli/securityAndrew Bartlett1-0/+289
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Inline dump_se_priv into callers now that it's just a uint64_tAndrew Bartlett1-9/+0
The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Use talloc_realloc() not TALLOC_REALLOC_ARRAY()Andrew Bartlett1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Use C99 typesAndrew Bartlett1-3/+3
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11libcli/security Use true and false, not True and FalseAndrew Bartlett1-22/+22
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11s3-privs Move source3/ privileges implmentation into commonAndrew Bartlett1-0/+457
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>