From c1e5f284569d7c9aece4fba0a2101305b16cae91 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Thu, 23 Oct 2008 18:33:49 +0200
Subject: idl: add svcctl specific access bits.

Guenther
---
 librpc/idl/svcctl.idl | 47 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 46 insertions(+), 1 deletion(-)

diff --git a/librpc/idl/svcctl.idl b/librpc/idl/svcctl.idl
index 3eb686fe15..fa8e10988c 100644
--- a/librpc/idl/svcctl.idl
+++ b/librpc/idl/svcctl.idl
@@ -4,7 +4,7 @@
   svcctl interface definitions
 */
 
-import "misc.idl";
+import "misc.idl", "security.idl";
 [ uuid("367abb81-9844-35f1-ad32-98f038001003"),
   version(2.0),
   pointer_default(unique),
@@ -227,6 +227,9 @@ import "misc.idl";
 
 	/*****************/
 	/* Function 0x0f */
+
+	/* Service Control Manager Bits */
+
 	typedef [bitmap32bit] bitmap {
 		SC_RIGHT_MGR_CONNECT		= 0x0001,
 		SC_RIGHT_MGR_CREATE_SERVICE	= 0x0002,
@@ -236,6 +239,23 @@ import "misc.idl";
 		SC_RIGHT_MGR_MODIFY_BOOT_CONFIG	= 0x0020
 	} svcctl_MgrAccessMask;
 
+	const int SC_MANAGER_READ_ACCESS =
+		(SEC_STD_READ_CONTROL			|
+		 SC_RIGHT_MGR_CONNECT			|
+		 SC_RIGHT_MGR_ENUMERATE_SERVICE		|
+		 SC_RIGHT_MGR_QUERY_LOCK_STATUS);
+
+	const int SC_MANAGER_EXECUTE_ACCESS = SC_MANAGER_READ_ACCESS;
+
+	const int SC_MANAGER_WRITE_ACCESS =
+		(SEC_STD_REQUIRED			|
+		 SC_MANAGER_READ_ACCESS			|
+		 SC_RIGHT_MGR_CREATE_SERVICE		|
+		 SC_RIGHT_MGR_LOCK			|
+		 SC_RIGHT_MGR_MODIFY_BOOT_CONFIG);
+
+	const int SC_MANAGER_ALL_ACCESS = SC_MANAGER_WRITE_ACCESS;
+
 	WERROR svcctl_OpenSCManagerW(
 		[in,unique] [string,charset(UTF16)] uint16 *MachineName,
 		[in,unique] [string,charset(UTF16)] uint16 *DatabaseName,
@@ -245,6 +265,9 @@ import "misc.idl";
 
 	/*****************/
 	/* Function 0x10 */
+
+	/* Service Object Bits */
+
 	typedef [bitmap32bit] bitmap {
 		SC_RIGHT_SVC_QUERY_CONFIG		= 0x0001,
 		SC_RIGHT_SVC_CHANGE_CONFIG		= 0x0002,
@@ -257,6 +280,28 @@ import "misc.idl";
 		SC_RIGHT_SVC_USER_DEFINED_CONTROL	= 0x0100
 	} svcctl_ServiceAccessMask;
 
+	const int SERVICE_READ_ACCESS =
+		(SEC_STD_READ_CONTROL			|
+		 SC_RIGHT_SVC_ENUMERATE_DEPENDENTS	|
+		 SC_RIGHT_SVC_INTERROGATE		|
+		 SC_RIGHT_SVC_QUERY_CONFIG		|
+		 SC_RIGHT_SVC_QUERY_STATUS		|
+		 SC_RIGHT_SVC_USER_DEFINED_CONTROL);
+
+	const int SERVICE_EXECUTE_ACCESS =
+		(SERVICE_READ_ACCESS 			|
+		 SC_RIGHT_SVC_START			|
+		 SC_RIGHT_SVC_STOP			|
+		 SC_RIGHT_SVC_PAUSE_CONTINUE);
+
+	const int SERVICE_WRITE_ACCESS =
+		(SEC_STD_REQUIRED			|
+		 SERVICE_READ_ACCESS			|
+		 SERVICE_EXECUTE_ACCESS			|
+		 SC_RIGHT_SVC_CHANGE_CONFIG);
+
+	const int SERVICE_ALL_ACCESS = SERVICE_WRITE_ACCESS;
+
 	WERROR svcctl_OpenServiceW(
 		[in,ref] policy_handle *scmanager_handle,
 		[in] [string,charset(UTF16)] uint16 ServiceName[],
-- 
cgit