From adbdb055ee08b0aede06ecec34157ecf4f22c9de Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sat, 11 Dec 2004 13:19:41 +0000
Subject: r4151: added privilege attribute handling on samdb.

pvfs will now honor some privileges on ACLs, and it will be quite easy
to add the checks for more privileges in the necessary places, by
making calls to sec_privilege_check().
(This used to be commit 3549039d0fbc54f87ae679e7288b82b28713e487)
---
 source4/auth/auth_util.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'source4/auth/auth_util.c')

diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 4a60c3f847..2b6d5324ee 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -353,6 +353,7 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
 {
 	struct security_token *ptoken;
 	int i;
+	NTSTATUS status;
 
 	ptoken = security_token_initialise(mem_ctx);
 	if (ptoken == NULL) {
@@ -397,6 +398,13 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
 			ptoken->sids[ptoken->num_sids++] = groupSIDs[i];
 		}
 	}
+
+	/* setup the privilege mask for this token */
+	status = samdb_privilege_setup(ptoken);
+	if (!NT_STATUS_IS_OK(status)) {
+		talloc_free(ptoken);
+		return status;
+	}
 	
 	debug_security_token(DBGC_AUTH, 10, ptoken);
 	
-- 
cgit