path: root/source3/lib/privileges.c
Age | Commit message | Author | Files | Lines
2010-09-11 | libcli/security Move 'private' privileges functions to another header | Andrew Bartlett | 1 | -0/+1
These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | libcli/security Remove 'always true' return from se_priv_put_all_privileges | Andrew Bartlett | 1 | -3/+1
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Add const | Andrew Bartlett | 1 | -3/+3
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Remove extra pointer on privilege mask | Andrew Bartlett | 1 | -4/+4
Now that this is a scalar, this isn't required. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privileges: add handling of both old and new formats in database | Andrew Tridgell | 1 | -28/+48
We update privileges on a per-record basis instead of all at once, as this maintains maximum compatibility if someone uses old tools with a new version of Samba. This also auto-detects the byte order of the old entries in the database, and copes with either native or reversed byte order. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-11 | s3-privs Remove unused function | Andrew Bartlett | 1 | -30/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmap | Andrew Bartlett | 1 | -50/+17
This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be current with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Hide the bitmap-based grant_privilege and revoke_privilege | Andrew Bartlett | 1 | -7/+33
The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Make privilege_enum_sids() take an LUID, not a bitmap | Andrew Bartlett | 1 | -2/+2
This moves one more privileges call away from direct bitmap manipulation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Rework privilege enumeration to also use new DB format | Andrew Bartlett | 1 | -5/+18
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Directly manipulate the privileges bitmap. | Andrew Bartlett | 1 | -5/+3
There is no longer any reason to go via the se_ functions to manipulate this bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Remove a pointer from grant_privilege() | Andrew Bartlett | 1 | -7/+7
Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Remove a pointer indirection from revoke_privilege() | Andrew Bartlett | 1 | -4/+4
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-privs Inline dump_se_priv into callers now that it's just a uint64_t | Andrew Bartlett | 1 | -10/+6
The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3-auth Change type of num_sids to uint32_t | Andrew Bartlett | 1 | -1/+1
size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequential changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3:privs Change to new host endian neutral privileges tdb format | Andrew Bartlett | 1 | -3/+16
These values are stored in account_policy.tdb, and the old format, using a 128 bit bitmap was not endian neutral. The previous endian-dependent format was introduced in 46e5effea948931509283cb84b27007d34b521c8 replacing a 32 bit number which was used at the time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-09-11 | s3:Change SE_PRIV to uint64_t | Andrew Bartlett | 1 | -20/+20
This removes the SE_PRIV typedef Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-08-26 | s3-build: use dbwrap.h only where needed. | Günther Deschner | 1 | -0/+1
Guenther
2010-06-07 | s3-privileges: use LUID defines from lsa IDL. | Günther Deschner | 1 | -4/+4
Guenther
2010-05-21 | s3:dom_sid Global replace of DOM_SID with struct dom_sid | Andrew Bartlett | 1 | -15/+15
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that it is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2009-05-16 | s3-privileges: add privilege_delete_account(). | Günther Deschner | 1 | -0/+28
Guenther
2009-05-16 | s3-privileges: remove trailing whitespace from privileges codes. | Günther Deschner | 1 | -45/+45
Guenther
2008-04-01 | Convert account_pol.tdb to dbwrap | Volker Lendecke | 1 | -19/+20
Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit 0b36871a0d795183f0e9dc78b654788b1988f06e)
2008-01-09 | Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS. | Michael Adam | 1 | -2/+4
Michael (This used to be commit 6b2b9a60ef857ec31da5fea631535205fbdede4a)
2007-12-15 | s/sid_to_string/sid_to_fstring/ | Volker Lendecke | 1 | -2/+2
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-15 | Replace sid_string_static with sid_to_string | Volker Lendecke | 1 | -4/+4
This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one. (This used to be commit c7c885078be8fd3024c186044ac28275d7609679)
2007-12-15 | Replace sid_string_static by sid_string_dbg in DEBUGs | Volker Lendecke | 1 | -6/+6
(This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-10-18 | RIP BOOL. Convert BOOL -> bool. I found a few interesting | Jeremy Allison | 1 | -11/+11
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10 | r25040: Add "net sam rights" | Volker Lendecke | 1 | -1/+32
Not strictly in the SAM, but close enough. This command acts directly on the local tdb, no running smbd required This also changes the root-only check to a warning (This used to be commit 0c5657b5eff60e3c52de8fbb4ce9346d0341854c)
2007-10-10 | r24435: Fix typo. | Günther Deschner | 1 | -1/+1
Guenther (This used to be commit 8705f890b11e7158b5c77cbd3a6dfae8eb26776e)
2007-10-10 | r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text | Andrew Tridgell | 1 | -2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10 | r23779: Change from v2 or later to v3 or later. | Jeremy Allison | 1 | -1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10 | r23485: This checkin consists mostly of refactorings in preparation of the | Michael Adam | 1 | -487/+18
activation of global registry options in loadparm.c, mainly to extract functionality from net_conf.c to be made available elsewhere and to minimize linker dependencies.

In detail:

* move functions registry_push/pull_value from lib/util_reg.c to new file lib/util_reg_api.c
* create a fake user token consisting of builtin administrators sid and se_disk_operators privilege by hand instead of using get_root_nt_token() to minimize linker deps for bin/net.
  + new function registry_create_admin_token() in new lib/util_reg_smbconf.c
  + move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c
  + adapt net_conf.c and Makefile.in accordingly.
* split lib/profiles.c into two parts: new file lib/profiles_basic.c takes all the low level mask manipulation and format conversion functions (se_priv, privset, luid). the privs array is completely hidden from profiles.c by adding some access-functions. some mask-functions are not static anymore. Generally, SID- and LUID-related stuff that has more dependencies is kept in lib/profiles.c
* Move initialization of regdb from net_conf.c into a function registry_init_regdb() in lib/util_reg_smbconf.c.

Michael (This used to be commit efd3e2bfb756ac5c4df7984791c67e7ae20a582e)
2007-10-10 | r22589: Make TALLOC_ARRAY consistent across all uses. | Jeremy Allison | 1 | -4/+8
Jeremy. (This used to be commit 8968808c3b5b0208cbad9ac92eaf948f2c546dd9)
2007-10-10 | r22009: change TDB_DATA from char * to unsigned char * | Stefan Metzmacher | 1 | -3/+3
and fix all compiler warnings in the users metze (This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
2007-10-10 | r21976: make use of tdb_*_bystring() and string_term_tdb_data() in lib/ | Stefan Metzmacher | 1 | -8/+4
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit c22b86595a502eb48c9d0038faee8a9ee41b8438)
2007-10-10 | r20090: Fix a class of bugs found by James Peach. Ensure | Jeremy Allison | 1 | -1/+3
we never mix malloc and talloc'ed contexts in the add_XX_to_array() and add_XX_to_array_unique() calls. Ensure that these calls always return False on out of memory, True otherwise and always check them. Ensure that the relevant parts of the conn struct and the nt_user_tokens are TALLOC_DESTROYED not SAFE_FREE'd. James - this should fix your crash bug in both branches. Jeremy. (This used to be commit 0ffca7559e07500bd09a64b775e230d448ce5c24)
2007-10-10 | r19932: Add some const | Volker Lendecke | 1 | -2/+3
(This used to be commit be3c444c37dc6f0ab91a2815a2efe6f7c38818c5)
2007-10-10 | r17334: Some C++ warnings | Volker Lendecke | 1 | -1/+1
(This used to be commit 8ae7ed1f3cecbb5285313d17b5f9511e2e622f0b)
2007-10-10 | r16396: Klocwork #1170. Null deref. | Jeremy Allison | 1 | -0/+4
Jeremy. (This used to be commit 220627ab70977a9a26dc0e010f73195c2c87ec96)
2007-10-10 | r14432: Give in and grant BUILT\Administrators all privileges | Gerald Carter | 1 | -1/+19
(This used to be commit b6170910604dba6533b727de8d7f0cc75256d14f)
2007-10-10 | r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 | Jeremy Allison | 1 | -1/+1
x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2007-10-10 | r10656: BIG merge from trunk. Features not copied over | Gerald Carter | 1 | -2/+3
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)

(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10 | r10454: * prevent privilege code from storing an empty SID | Gerald Carter | 1 | -7/+31
(and filter it out if one is already there)
* Fix LUID value match in privilege_set_to_se_priv() (fix jmcd's bug report).

(This used to be commit 356334264f5cd3a2480c3288ec40e0ee63264e1b)
2007-10-10 | r9952: Adapt better to the Windows way of taking and assigning ownership: | Günther Deschner | 1 | -0/+1
* Users with SeRestorePrivilege may chown files to anyone (be it as a backup software or directly using the ownership-tab in the security acl editor on xp), while
* Users with SeTakeOwnershipPrivilege only can chown to themselves.

Simo, Jeremy. I think this is correct now.

Guenther (This used to be commit 1ef7a192eed457d302a08c692bb54a73a1af4afd)
2007-10-10 | r9029: Another crash bug when enumerating privileges. | Günther Deschner | 1 | -1/+1
Thanks Volker! Guenther (This used to be commit e59c7c76d7ce52c7e16c4978c017636383ec57a5)
2007-10-10 | r8141: Update volker's valgrind fix in r8097. Same effect, just helps me | Gerald Carter | 1 | -0/+3
to remember what is going on here better. (This used to be commit 4a8068ce632adc34e88c128c4a6cc4c690d082bf)
2007-10-10 | r7995: * privileges are local except when they're *not* | Gerald Carter | 1 | -60/+64
printmig.exe assumes that the LUID of the SeBackupPrivilege on the target server matches the LUID of the privilege on the local client. Even though an LUID is never guaranteed to be the same across reboots. How *awful*! My cat could write better code! (more on my cat later....)
* Set the privilege LUID in the global PRIVS[] array
* Rename RegCreateKey() to RegCreateKeyEx() to better match MSDN
* Rename the unknown field in RegCreateKeyEx() to disposition (guess according to MSDN)
* Add the capability to define REG_TDB_ONLY for using the reg_db.c functions and stress the RegXXX() rpc functions.

(This used to be commit 0d6352da4800aabc04dfd7c65a6afe6af7cd2d4b)
2007-10-10 | r7440: * merge registry server changes from trunk (so far) for more | Gerald Carter | 1 | -0/+5
printmig.exe work
* merge the sys_select_signal(char c) change from trunk in order to keep the winbind code in sync

(This used to be commit a112c5570a7f8ddddde1af0fa665f40a6067e8cf)
2007-10-10 | r6080: Port some of the non-critical changes from HEAD to 3_0. The main one | Volker Lendecke | 1 | -1/+1
is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f)