From: Andrew Bartlett Date: Mon, 30 Aug 2010 03:04:27 +0000 (+1000) Subject: s3-privs Convert from user_has_privileges() -> security_token_has_privilege() X-Git-Tag: samba-4.0.0alpha13~279 X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=3bb77516b841def60e08e50bafc37517dd9d3ae0;p=samba.git s3-privs Convert from user_has_privileges() -> security_token_has_privilege() This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell --- diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 3bedec68655..7e803fcfce6 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -113,7 +113,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, if (is_sid_in_token(token, sd->owner_sid)) { granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE; - } else if (user_has_privileges(token, &se_restore)) { + } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { granted |= SEC_STD_DELETE; } @@ -203,7 +203,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE); } if ((bits_remaining & SEC_STD_DELETE) && - user_has_privileges(token, &se_restore)) { + (security_token_has_privilege(token, SEC_PRIV_RESTORE))) { bits_remaining &= ~SEC_STD_DELETE; } diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 186369df1f9..a8c30a1f27f 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -2075,14 +2075,13 @@ bool print_access_check(const struct auth_serversupplied_info *server_info, WERROR result; const char *pname; TALLOC_CTX *mem_ctx = NULL; - uint64_t se_printop = SE_PRINT_OPERATOR; /* If user is NULL then use the current_user structure */ /* Always allow root or SE_PRINT_OPERATROR to do anything */ if (server_info->utok.uid == sec_initial_uid() - || user_has_privileges(server_info->ptok, &se_printop ) ) { + || security_token_has_privilege(server_info->ptok, SEC_PRIV_PRINT_OPERATOR)) { return True; } diff --git a/source3/registry/reg_backend_smbconf.c b/source3/registry/reg_backend_smbconf.c index a2bf506e52b..b96c73b47b9 100644 --- a/source3/registry/reg_backend_smbconf.c +++ b/source3/registry/reg_backend_smbconf.c @@ -60,7 +60,7 @@ static bool smbconf_reg_access_check(const char *keyname, uint32 requested, uint32 *granted, const struct security_token *token) { - if (!(user_has_privileges(token, &se_disk_operators))) { + if (!security_token_has_privilege(token, SEC_PRIV_DISK_OPERATOR)) { return False; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 7755b3b7c33..8e8911005c4 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -574,7 +574,7 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p, * Users with SeAddUser get the ability to manipulate groups * and aliases. */ - if (user_has_any_privilege(p->server_info->ptok, &se_add_users)) { + if (security_token_has_privilege(p->server_info->ptok, SEC_PRIV_ADD_USERS)) { extra_access |= (SAMR_DOMAIN_ACCESS_CREATE_GROUP | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 58896b3c492..acb051341f2 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -364,7 +364,6 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token, char *cmd = lp_deleteprinter_cmd(); char *command = NULL; int ret; - uint64_t se_printop = SE_PRINT_OPERATOR; bool is_print_op = false; /* can't fail if we don't try */ @@ -379,7 +378,7 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token, return WERR_NOMEM; } if ( token ) - is_print_op = user_has_privileges( token, &se_printop ); + is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); @@ -1743,8 +1742,6 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, if ( r->in.access_mask & SERVER_ACCESS_ADMINISTER ) { - uint64_t se_printop = SE_PRINT_OPERATOR; - if (!lp_ms_add_printer_wizard()) { close_printer_handle(p, r->out.handle); ZERO_STRUCTP(r->out.handle); @@ -1755,8 +1752,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !user_has_privileges(p->server_info->ptok, - &se_printop ) && + !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -1995,13 +1991,12 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, struct spoolss_DriverInfo8 *info_win2k = NULL; int version; WERROR status; - uint64_t se_printop = SE_PRINT_OPERATOR; /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ if ( (p->server_info->utok.uid != sec_initial_uid()) - && !user_has_privileges(p->server_info->ptok, &se_printop ) + && !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -2101,13 +2096,12 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, int version; bool delete_files; WERROR status; - uint64_t se_printop = SE_PRINT_OPERATOR; /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ if ( (p->server_info->utok.uid != sec_initial_uid()) - && !user_has_privileges(p->server_info->ptok, &se_printop ) + && !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -5864,7 +5858,6 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const char *cmd = lp_addport_cmd(); char *command = NULL; int ret; - uint64_t se_printop = SE_PRINT_OPERATOR; bool is_print_op = false; if ( !*cmd ) { @@ -5878,7 +5871,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const } if ( token ) - is_print_op = user_has_privileges( token, &se_printop ); + is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); @@ -5919,7 +5912,6 @@ static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token, int numlines; int ret; int fd; - uint64_t se_printop = SE_PRINT_OPERATOR; bool is_print_op = false; if (!remote_machine) { @@ -5936,7 +5928,7 @@ static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token, } if ( token ) - is_print_op = user_has_privileges( token, &se_printop ); + is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); @@ -8248,7 +8240,6 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, struct spoolss_AddFormInfo1 *form = r->in.info.info1; int snum = -1; WERROR status = WERR_OK; - uint64_t se_printop = SE_PRINT_OPERATOR; struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); @@ -8264,8 +8255,8 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !user_has_privileges(p->server_info->ptok, &se_printop) && - !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), + !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, p->server_info->ptok, @@ -8322,7 +8313,6 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); int snum = -1; WERROR status = WERR_OK; - uint64_t se_printop = SE_PRINT_OPERATOR; DEBUG(5,("_spoolss_DeleteForm\n")); @@ -8333,8 +8323,8 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, } if ((p->server_info->utok.uid != sec_initial_uid()) && - !user_has_privileges(p->server_info->ptok, &se_printop) && - !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), + !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, p->server_info->ptok, @@ -8382,7 +8372,6 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, const char *form_name = r->in.form_name; int snum = -1; WERROR status = WERR_OK; - uint64_t se_printop = SE_PRINT_OPERATOR; struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); @@ -8398,7 +8387,7 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !user_has_privileges(p->server_info->ptok, &se_printop) && + !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index ee879e89f70..a4d7726d28d 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1535,7 +1535,6 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, int ret; char *path = NULL; struct security_descriptor *psd = NULL; - uint64_t se_diskop = SE_DISK_OPERATOR; bool is_disk_op = False; int max_connections = 0; TALLOC_CTX *ctx = p->mem_ctx; @@ -1572,7 +1571,7 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, if (lp_print_ok(snum)) return WERR_ACCESS_DENIED; - is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop ); + is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); /* fail out now if you are not root and not a disk op */ @@ -1764,7 +1763,6 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, int ret; char *path; struct security_descriptor *psd = NULL; - uint64_t se_diskop = SE_DISK_OPERATOR; bool is_disk_op; int max_connections = 0; TALLOC_CTX *ctx = p->mem_ctx; @@ -1775,7 +1773,7 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, *r->out.parm_error = 0; } - is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop ); + is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) return WERR_ACCESS_DENIED; @@ -1941,7 +1939,6 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p, char *share_name = NULL; int ret; int snum; - uint64_t se_diskop = SE_DISK_OPERATOR; bool is_disk_op; struct share_params *params; TALLOC_CTX *ctx = p->mem_ctx; @@ -1969,7 +1966,7 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p, if (lp_print_ok(snum)) return WERR_ACCESS_DENIED; - is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop ); + is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) return WERR_ACCESS_DENIED; @@ -2517,12 +2514,11 @@ WERROR _srvsvc_NetFileClose(struct pipes_struct *p, struct srvsvc_NetFileClose *r) { struct enum_file_close_state state; - uint64_t se_diskop = SE_DISK_OPERATOR; bool is_disk_op; DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__)); - is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop ); + is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op) { return WERR_ACCESS_DENIED; diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index de15f9f82f0..ab43f6580a1 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -575,8 +575,7 @@ WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p, return WERR_NOMEM; } - can_shutdown = user_has_privileges( p->server_info->ptok, - &se_remote_shutdown ); + can_shutdown = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); /* IF someone has privs, run the shutdown script as root. OTHERWISE run it as not root Take the error return from the script and provide it as the Windows return code. */ @@ -613,8 +612,7 @@ WERROR _winreg_AbortSystemShutdown(struct pipes_struct *p, if (!*abort_shutdown_script) return WERR_ACCESS_DENIED; - can_shutdown = user_has_privileges( p->server_info->ptok, - &se_remote_shutdown ); + can_shutdown = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/ @@ -704,8 +702,9 @@ WERROR _winreg_RestoreKey(struct pipes_struct *p, /* user must posses SeRestorePrivilege for this this proceed */ - if ( !user_has_privileges( p->server_info->ptok, &se_restore ) ) + if ( !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_RESTORE)) { return WERR_ACCESS_DENIED; + } DEBUG(2,("_winreg_RestoreKey: Restoring [%s] from %s in share %s\n", regkey->key->name, fname, lp_servicename(snum) )); diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 31513ed113e..8c00254291f 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -822,7 +822,7 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, return WERR_INVALID_PARAM; } - if (!user_has_privileges(token, &se_machine_account) && + if (!security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) && !nt_token_check_sid(&global_sid_Builtin_Administrators, token)) { DEBUG(5,("_wkssvc_NetrJoinDomain2: account doesn't have " @@ -893,7 +893,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, return WERR_INVALID_PARAM; } - if (!user_has_privileges(token, &se_machine_account) && + if (!security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) && !nt_token_check_sid(&global_sid_Builtin_Administrators, token)) { DEBUG(5,("_wkssvc_NetrUnjoinDomain2: account doesn't have " diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index db8b2529f25..9470447f539 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3547,10 +3547,8 @@ int try_chown(connection_struct *conn, struct smb_filename *smb_fname, /* Case (2) / (3) */ if (lp_enable_privileges()) { - bool has_take_ownership_priv = user_has_privileges(get_current_nttok(conn), - &se_take_ownership); - bool has_restore_priv = user_has_privileges(get_current_nttok(conn), - &se_restore); + bool has_take_ownership_priv = security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_TAKE_OWNERSHIP); + bool has_restore_priv = security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_RESTORE); /* Case (2) */ if ( ( has_take_ownership_priv && ( uid == get_current_uid(conn) ) ) ||