summaryrefslogtreecommitdiffstats
path: root/source3/include/privileges.h
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-01-17 15:23:11 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:53:55 -0500
commit46e5effea948931509283cb84b27007d34b521c8 (patch)
treed77527412d92fb2f5511c0373e0605b2f84c5c64 /source3/include/privileges.h
parent5d47f8e5e59d0de7d7bac8a670f91423627b437e (diff)
downloadsamba-46e5effea948931509283cb84b27007d34b521c8.tar.gz
samba-46e5effea948931509283cb84b27007d34b521c8.tar.xz
samba-46e5effea948931509283cb84b27007d34b521c8.zip
r4805: Last planned change to the privileges infrastructure:
* rewrote the tdb layout of privilege records in account_pol.tdb (allow for 128 bits instead of 32 bit flags) * migrated to using SE_PRIV structure instead of the PRIVILEGE_SET structure. The latter is now used for parsing routines mainly. Still need to incorporate some client support into 'net' so for setting privileges. And make use of the SeAddUserPrivilege right. (This used to be commit 41dc7f7573c6d637e19a01e7ed0e716ac0f1fb15)
Diffstat (limited to 'source3/include/privileges.h')
-rw-r--r--source3/include/privileges.h30
1 files changed, 18 insertions, 12 deletions
diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index cdf62b7f858..b4972c7a602 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -27,24 +27,24 @@
/* common privilege defines */
-#define SE_END 0x00000000
-#define SE_NONE 0x00000000
-#define SE_ALL_PRIVS 0xFFFFFFFF
+#define SE_END { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_NONE { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_ALL_PRIVS { { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF } }
/*
* We will use our own set of privileges since it makes no sense
* to implement all of the Windows set when only a portion will
- * be used.
+ * be used. Use 128-bit mask to give room to grow.
*/
-#define SE_NETWORK_LOGON 0x00000001
-#define SE_INTERACTIVE_LOGON 0x00000002
-#define SE_BATCH_LOGON 0x00000004
-#define SE_SERVICE_LOGON 0x00000008
-#define SE_MACHINE_ACCOUNT 0x00000010
-#define SE_PRINT_OPERATOR 0x00000020
-#define SE_ADD_USERS 0x00000040
+#define SE_NETWORK_LOGON { { 0x00000001, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_INTERACTIVE_LOGON { { 0x00000002, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_BATCH_LOGON { { 0x00000004, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_SERVICE_LOGON { { 0x00000008, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_MACHINE_ACCOUNT { { 0x00000010, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_PRINT_OPERATOR { { 0x00000020, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_ADD_USERS { { 0x00000040, 0x00000000, 0x00000000, 0x00000000 } }
#if 0 /* not needed currently */
@@ -113,8 +113,14 @@ typedef struct privilege_set
LUID_ATTR *set;
} PRIVILEGE_SET;
+#define SE_PRIV_MASKSIZE 4
+
+typedef struct {
+ uint32 mask[SE_PRIV_MASKSIZE];
+} SE_PRIV;
+
typedef struct _PRIVS {
- uint32 se_priv;
+ SE_PRIV se_priv;
const char *name;
const char *description;
} PRIVS;