summaryrefslogtreecommitdiff
path: root/source3/lib/privileges.c
AgeCommit message (Collapse)AuthorFilesLines
2010-06-07s3-privileges: use LUID defines from lsa IDL.Günther Deschner1-4/+4
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-15/+15
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2009-05-16s3-privileges: add privilege_delete_account().Günther Deschner1-0/+28
Guenther
2009-05-16s3-privileges: remove trailing whitespace from privileges codes.Günther Deschner1-45/+45
Guenther
2008-04-01Convert account_pol.tdb to dbwrapVolker Lendecke1-19/+20
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit 0b36871a0d795183f0e9dc78b654788b1988f06e)
2008-01-09Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.Michael Adam1-2/+4
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-2/+2
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-15Replace sid_string_static with sid_to_stringVolker Lendecke1-4/+4
This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one. (This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
2007-12-15Replace sid_string_static by sid_string_dbg in DEBUGsVolker Lendecke1-6/+6
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-11/+11
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r25040: Add "net sam rights"Volker Lendecke1-1/+32
Not strictly in the SAM, but close enough. This command acts directly on the local tdb, no running smbd required This also changes the root-only check to a warning (This used to be commit 0c5657b5eff60e3c52de8fbb4ce9346d0341854c)
2007-10-10r24435: Fix typo.Günther Deschner1-1/+1
Guenther (This used to be commit 8705f890b11e7158b5c77cbd3a6dfae8eb26776e)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23485: This checkin consists mostly of refactorings in preparation of theMichael Adam1-487/+18
activation of global registry options in loadparm.c, mainly to extract functionality from net_conf.c to be made availabel elsewhere and to minimize linker dependencies. In detail: * move functions registry_push/pull_value from lib/util_reg.c to new file lib/util_reg_api.c * create a fake user token consisting of builtin administrators sid and se_disk_operators privilege by hand instead of using get_root_nt_token() to minimize linker deps for bin/net. + new function registry_create_admin_token() in new lib/util_reg_smbconf.c + move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c + adapt net_conf.c and Makefile.in accordingly. * split lib/profiles.c into two parts: new file lib/profiles_basic.c takes all the low level mask manipulation and format conversion functions (se_priv, privset, luid). the privs array is completely hidden from profiles.c by adding some access-functions. some mask-functions are not static anymore. Generally, SID- and LUID-related stuff that has more dependencies is kept in lib/profiles.c * Move initialization of regdb from net_conf.c into a function registry_init_regdb() in lib/util_reg_smbconf.c. Michael (This used to be commit efd3e2bfb756ac5c4df7984791c67e7ae20a582e)
2007-10-10r22589: Make TALLOC_ARRAY consistent across all uses.Jeremy Allison1-4/+8
Jeremy. (This used to be commit 8968808c3b5b0208cbad9ac92eaf948f2c546dd9)
2007-10-10r22009: change TDB_DATA from char * to unsigned char *Stefan Metzmacher1-3/+3
and fix all compiler warnings in the users metze (This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
2007-10-10r21976: make use of tdb_*_bystring() and string_term_tdb_data() in lib/Stefan Metzmacher1-8/+4
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit c22b86595a502eb48c9d0038faee8a9ee41b8438)
2007-10-10r20090: Fix a class of bugs found by James Peach. EnsureJeremy Allison1-1/+3
we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevent parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy. (This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24)
2007-10-10r19932: Add some constVolker Lendecke1-2/+3
(This used to be commit be3c444c37dc6f0ab91a2815a2efe6f7c38818c5)
2007-10-10r17334: Some C++ warningsVolker Lendecke1-1/+1
(This used to be commit 8ae7ed1f3cecbb5285313d17b5f9511e2e622f0b)
2007-10-10r16396: Klocwork #1170. Null deref.Jeremy Allison1-0/+4
Jeremy. (This used to be commit 220627ab70977a9a26dc0e010f73195c2c87ec96)
2007-10-10r14432: Give in and grant BUILT\Administrators all privilegesGerald Carter1-1/+19
(This used to be commit b6170910604dba6533b727de8d7f0cc75256d14f)
2007-10-10r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4Jeremy Allison1-1/+1
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-2/+3
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r10454: * prevent privilege code from storing an empty SIDGerald Carter1-7/+31
(and filter it out if one is already there) * Fix LUID value match in privilege_set_to_se_priv() (fix jmcd's bug report). (This used to be commit 356334264f5cd3a2480c3288ec40e0ee63264e1b)
2007-10-10r9952: Adapt better to the Windows way of taking and assigning ownership:Günther Deschner1-0/+1
* Users with SeRestorePrivilege may chown files to anyone (be it as a backup software or directly using the ownership-tab in the security acl editor on xp), while * Users with SeTakeOwnershipPrivilege only can chown to themselves. Simo, Jeremy. I think this is correct now. Guenther (This used to be commit 1ef7a192eed457d302a08c692bb54a73a1af4afd)
2007-10-10r9029: Another crash bug when enumerating privileges.Günther Deschner1-1/+1
Thanks Volker! Guenther (This used to be commit e59c7c76d7ce52c7e16c4978c017636383ec57a5)
2007-10-10r8141: Update volker's valgrind fix in r8097. Same effect, just helps meGerald Carter1-0/+3
to remember what is going on here better. (This used to be commit 4a8068ce632adc34e88c128c4a6cc4c690d082bf)
2007-10-10r7995: * privileges are local except when they're *not*Gerald Carter1-60/+64
printmig.exe assumes that the LUID of the SeBackupPrivlege on the target server matches the LUID of the privilege on the local client. Even though an LUID is never guaranteed to be the same across reboots. How *awful*! My cat could write better code! (more on my cat later....) * Set the privelege LUID in the global PRIVS[] array * Rename RegCreateKey() to RegCreateKeyEx() to better match MSDN * Rename the unknown field in RegCreateKeyEx() to disposition (guess according to MSDN) * Add the capability to define REG_TDB_ONLY for using the reg_db.c functions and stress the RegXXX() rpc functions. (This used to be commit 0d6352da4800aabc04dfd7c65a6afe6af7cd2d4b)
2007-10-10r7440: * merge registry server changes from trunk (so far) for moreGerald Carter1-0/+5
printmig.exe work * merge the sys_select_signal(char c) change from trunk in order to keeo the winbind code in sync (This used to be commit a112c5570a7f8ddddde1af0fa665f40a6067e8cf)
2007-10-10r6080: Port some of the non-critical changes from HEAD to 3_0. The main one ↵Volker Lendecke1-1/+1
is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f)
2007-10-10r5953: more compiler cleanups; moved SID_LIST from smb.h to privileges.c to ↵Gerald Carter1-1/+6
cleanup the name space (This used to be commit 7dfafa712deb115e425c7367296400c54827a217)
2007-10-10r5726: merge LsaLookupPrivValue() code from trunkGerald Carter1-59/+57
(This used to be commit 277203b5356af58ce62eb4eec0db2eccadeeffd6)
2007-10-10r5484: Fix a memleakVolker Lendecke1-2/+2
(This used to be commit 7b9cb0601ce465361618fcc2c88f8195d93f130a)
2007-10-10r5436: small merges from trunkGerald Carter1-5/+5
(This used to be commit f17ffdf805ef8afad2b8d63b619c52540001a546)
2007-10-10r5203: additional changes for BUG 2291 to restrict who can join a BDC and ↵Gerald Carter1-1/+1
add domain trusts (This used to be commit 5ec1faa2ad33772fb48c3863e67d2ce4be726bb2)
2007-10-10r5015: (based on abartlet's original patch to restrict password changes)Gerald Carter1-4/+74
* added SE_PRIV checks to access_check_samr_object() in order to deal with the run-time security descriptor and their interaction with user rights * Reordered original patch in _samr_set_userinfo[2] to still allow root/administrative password changes for users and machines. (This used to be commit f9f9e6039bd9443d54445e41c3783a2be18925fb)
2007-10-10r4995: fail set_privileges() if 'enable privileges = no' to prevent confused ↵Gerald Carter1-0/+3
admins who never read what I write :-) (This used to be commit 1d7a636e0e7f8a0bc3d3ae04b40f79db7f08d619)
2007-10-10r4849: * finish SeAddUsers support in srv_samr_nt.cGerald Carter1-7/+18
* define some const SE_PRIV structure for use when you need a SE_PRIV* to a privilege * fix an annoying compiler warngin in smbfilter.c * translate SIDs to names in 'net rpc rights list accounts' * fix a seg fault in cli_lsa_enum_account_rights caused by me forgetting the precedence of * vs. [] (This used to be commit d25fc84bc2b14da9fcc0f3c8d7baeca83f0ea708)
2007-10-10r4822: fix return code when you ask for a non-privileged SID via one of the ↵Gerald Carter1-0/+9
privileges RPC calls (This used to be commit 3f4f2c80fd157796a7ba56f31f921e8a3ce46bc3)
2007-10-10r4809: * include SeDiskOperatorPrivilege and SeRemoteShutdownPrivilegeGerald Carter1-88/+25
(noty enfornced yet though) * add 'enable privileges (off by default) to control whether or not any privuleges can be assigned to SIDs (This used to be commit cf63519169d2f3c56a6acf46b9257f4c11d5ea74)
2007-10-10r4805: Last planned change to the privileges infrastructure:Gerald Carter1-120/+309
* rewrote the tdb layout of privilege records in account_pol.tdb (allow for 128 bits instead of 32 bit flags) * migrated to using SE_PRIV structure instead of the PRIVILEGE_SET structure. The latter is now used for parsing routines mainly. Still need to incorporate some client support into 'net' so for setting privileges. And make use of the SeAddUserPrivilege right. (This used to be commit 41dc7f7573c6d637e19a01e7ed0e716ac0f1fb15)
2007-10-10r4742: add server support for lsa_add/remove_account_rights() and fix some ↵Gerald Carter1-12/+65
parsing bugs related to that code (This used to be commit 7bf1312287cc1ec6b97917ba25fc60d6db09f26c)
2007-10-10r4731: Fix the buildVolker Lendecke1-1/+2
(This used to be commit 340d7f317332f159460d04db8ccc75116c83d234)
2007-10-10r4724: Add support for Windows privileges in Samba 3.0Gerald Carter1-218/+429
(based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4. (This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-6/+6
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2003-12-04don't crash on a NULL priviledge pointer; patch from Jianliang LuGerald Carter1-0/+6
(This used to be commit 2742e813fea2366f91bec62dca407f65ad5c4623)
2003-10-14Delete unused label to fix compiler warning.Tim Potter1-1/+0
(This used to be commit e34d21af3882a034810737039dbaae4d45e2645c)
2003-10-06split some security related functions in their own files.Simo Sorce1-0/+345
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)