struct dom_sid **sids, int *num_sids);
bool grant_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
bool grant_privilege_by_name(struct dom_sid *sid, const char *name);
-bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask);
+bool revoke_privilege(const struct dom_sid *sid, const uint64_t priv_mask);
bool revoke_all_privileges( struct dom_sid *sid );
bool revoke_privilege_by_name(struct dom_sid *sid, const char *name);
NTSTATUS privilege_create_account(const struct dom_sid *sid );
Remove privilege from sid
****************************************************************************/
-bool revoke_privilege(const struct dom_sid *sid, const uint64_t *priv_mask)
+bool revoke_privilege(const struct dom_sid *sid, const uint64_t priv_mask)
{
uint64_t mask;
DEBUGADD( 10, ("original privilege mask: 0x%llx\n", (unsigned long long)mask));
- se_priv_remove( &mask, priv_mask );
+ mask &= ~priv_mask;
DEBUGADD( 10, ("new privilege mask: 0x%llx\n", (unsigned long long)mask));
bool revoke_all_privileges( struct dom_sid *sid )
{
- return revoke_privilege( sid, &se_priv_all );
+ return revoke_privilege( sid, SE_ALL_PRIVS);
}
/*********************************************************************
return False;
}
- return revoke_privilege(sid, &mask);
+ return revoke_privilege(sid, mask);
}
if ( !privilege_set_to_se_priv( &mask, set ) )
return NT_STATUS_NO_SUCH_PRIVILEGE;
- if ( !revoke_privilege( &info->sid, &mask ) ) {
+ if ( !revoke_privilege( &info->sid, mask ) ) {
DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n",
sid_string_dbg(&info->sid) ));
DEBUG(3,("Privilege mask: 0x%llx\n", (unsigned long long)mask));
return -1;
}
- if (!revoke_privilege(&sid, &mask)) {
+ if (!revoke_privilege(&sid, mask)) {
d_fprintf(stderr, _("Could not revoke privilege\n"));
return -1;
}