This moves one more privileges call away from direct bitmap manipuation.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
bool get_privileges_for_sids(uint64_t *privileges, struct dom_sid *slist, int scount);
NTSTATUS privilege_enumerate_accounts(struct dom_sid **sids, int *num_sids);
-NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
+NTSTATUS privilege_enum_sids(enum sec_privilege privilege, TALLOC_CTX *mem_ctx,
struct dom_sid **sids, int *num_sids);
bool grant_privilege(const struct dom_sid *sid, const uint64_t priv_mask);
bool grant_privilege_by_name(struct dom_sid *sid, const char *name);
Retrieve list of SIDs granted a particular privilege
*********************************************************************/
-NTSTATUS privilege_enum_sids(const uint64_t *mask, TALLOC_CTX *mem_ctx,
+NTSTATUS privilege_enum_sids(enum sec_privilege privilege, TALLOC_CTX *mem_ctx,
struct dom_sid **sids, int *num_sids)
{
struct db_context *db = get_account_pol_db();
ZERO_STRUCT(priv);
- priv.privilege = *mask;
+ priv.privilege = sec_privilege_mask(privilege);
priv.mem_ctx = mem_ctx;
db->traverse_read(db, priv_traverse_fn, &priv);
struct dom_sid *sids = NULL;
int num_sids = 0;
uint32_t i;
- uint64_t mask;
+ enum sec_privilege privilege;
if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
return NT_STATUS_INVALID_HANDLE;
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
- if (!se_priv_from_name(r->in.name->string, &mask)) {
+ privilege = sec_privilege_id(r->in.name->string);
+ if (privilege == SEC_PRIV_INVALID) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
- status = privilege_enum_sids(&mask, p->mem_ctx,
+ status = privilege_enum_sids(privilege, p->mem_ctx,
&sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
return status;
static int net_sam_rights_list(struct net_context *c, int argc,
const char **argv)
{
- uint64_t mask;
+ enum sec_privilege privilege;
if (argc > 1 || c->display_usage) {
d_fprintf(stderr, "%s\n%s",
return 0;
}
- if (se_priv_from_name(argv[0], &mask)) {
+ privilege = sec_privilege_id(argv[0]);
+
+ if (privilege != SEC_PRIV_INVALID) {
struct dom_sid *sids;
int i, num_sids;
NTSTATUS status;
- status = privilege_enum_sids(&mask, talloc_tos(),
+ status = privilege_enum_sids(privilege, talloc_tos(),
&sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not list rights: %s\n"),