diff options
Diffstat (limited to 'source')
-rw-r--r-- | source/auth/auth_util.c | 5 | ||||
-rw-r--r-- | source/groupdb/mapping.c | 2 | ||||
-rw-r--r-- | source/include/smb.h | 22 | ||||
-rw-r--r-- | source/lib/account_pol.c | 8 | ||||
-rw-r--r-- | source/lib/secace.c | 2 | ||||
-rw-r--r-- | source/lib/secdesc.c | 4 | ||||
-rw-r--r-- | source/lib/util_seaccess.c | 2 | ||||
-rw-r--r-- | source/lib/util_sid.c | 141 | ||||
-rw-r--r-- | source/nsswitch/wb_client.c | 2 | ||||
-rw-r--r-- | source/nsswitch/winbindd.c | 2 | ||||
-rw-r--r-- | source/nsswitch/winbindd_util.c | 3 | ||||
-rw-r--r-- | source/passdb/machine_sid.c | 2 | ||||
-rw-r--r-- | source/passdb/pdb_ldap.c | 2 | ||||
-rw-r--r-- | source/passdb/util_sam_sid.c | 10 | ||||
-rw-r--r-- | source/printing/nt_printing.c | 1 | ||||
-rw-r--r-- | source/rpc_server/srv_lsa_nt.c | 2 | ||||
-rw-r--r-- | source/rpc_server/srv_samr_nt.c | 3 | ||||
-rw-r--r-- | source/rpc_server/srv_srvsvc_nt.c | 1 | ||||
-rw-r--r-- | source/rpcclient/cmd_samr.c | 12 | ||||
-rw-r--r-- | source/smbd/nttrans.c | 1 | ||||
-rw-r--r-- | source/smbd/posix_acls.c | 11 | ||||
-rw-r--r-- | source/utils/net_rpc.c | 14 | ||||
-rw-r--r-- | source/utils/net_rpc_samsync.c | 2 |
23 files changed, 83 insertions, 171 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 7cab3df99e4..a50a449815c 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -26,11 +26,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Network; -extern DOM_SID global_sid_Builtin_Guests; -extern DOM_SID global_sid_Authenticated_Users; - /**************************************************************************** Create a UNIX user on demand. diff --git a/source/groupdb/mapping.c b/source/groupdb/mapping.c index d02c5120541..6e9d9b8e6cf 100644 --- a/source/groupdb/mapping.c +++ b/source/groupdb/mapping.c @@ -21,8 +21,6 @@ #include "includes.h" -extern DOM_SID global_sid_Builtin; - static TDB_CONTEXT *tdb; /* used for driver files */ #define DATABASE_VERSION_V1 1 /* native byte format. */ diff --git a/source/include/smb.h b/source/include/smb.h index d12459c2f98..80b20756517 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -287,6 +287,28 @@ typedef struct sid_info } DOM_SID; +/* Some well-known SIDs */ +extern const DOM_SID global_sid_World_Domain; +extern const DOM_SID global_sid_World; +extern const DOM_SID global_sid_Creator_Owner_Domain; +extern const DOM_SID global_sid_NT_Authority; +extern const DOM_SID global_sid_System; +extern const DOM_SID global_sid_NULL; +extern const DOM_SID global_sid_Authenticated_Users; +extern const DOM_SID global_sid_Network; +extern const DOM_SID global_sid_Creator_Owner; +extern const DOM_SID global_sid_Creator_Group; +extern const DOM_SID global_sid_Anonymous; +extern const DOM_SID global_sid_Builtin; +extern const DOM_SID global_sid_Builtin_Administrators; +extern const DOM_SID global_sid_Builtin_Users; +extern const DOM_SID global_sid_Builtin_Guests; +extern const DOM_SID global_sid_Builtin_Power_Users; +extern const DOM_SID global_sid_Builtin_Account_Operators; +extern const DOM_SID global_sid_Builtin_Server_Operators; +extern const DOM_SID global_sid_Builtin_Print_Operators; +extern const DOM_SID global_sid_Builtin_Backup_Operators; +extern const DOM_SID global_sid_Builtin_Replicator; /* * The complete list of SIDS belonging to this user. diff --git a/source/lib/account_pol.c b/source/lib/account_pol.c index 72d6e77ddda..423dc1675a6 100644 --- a/source/lib/account_pol.c +++ b/source/lib/account_pol.c @@ -24,14 +24,6 @@ static TDB_CONTEXT *tdb; #define DATABASE_VERSION 2 -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Account_Operators; -extern DOM_SID global_sid_Builtin_Server_Operators; -extern DOM_SID global_sid_Builtin_Print_Operators; -extern DOM_SID global_sid_Builtin_Backup_Operators; - - /**************************************************************************** Set default for a field if it is empty ****************************************************************************/ diff --git a/source/lib/secace.c b/source/lib/secace.c index e44d9aa940e..c550dcce311 100644 --- a/source/lib/secace.c +++ b/source/lib/secace.c @@ -57,7 +57,7 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src) Sets up a SEC_ACE structure. ********************************************************************/ -void init_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag) +void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag) { t->type = type; t->flags = flag; diff --git a/source/lib/secdesc.c b/source/lib/secdesc.c index 686a4edf77c..ace0aee8664 100644 --- a/source/lib/secdesc.c +++ b/source/lib/secdesc.c @@ -179,7 +179,7 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU ********************************************************************/ SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type, - DOM_SID *owner_sid, DOM_SID *grp_sid, + const DOM_SID *owner_sid, const DOM_SID *grp_sid, SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size) { SEC_DESC *dst; @@ -269,7 +269,7 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src) Creates a SEC_DESC structure with typical defaults. ********************************************************************/ -SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, DOM_SID *owner_sid, DOM_SID *grp_sid, +SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, SEC_ACL *dacl, size_t *sd_size) { return make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, diff --git a/source/lib/util_seaccess.c b/source/lib/util_seaccess.c index 362504e46b8..73fc45c844d 100644 --- a/source/lib/util_seaccess.c +++ b/source/lib/util_seaccess.c @@ -21,8 +21,6 @@ #include "includes.h" -extern DOM_SID global_sid_Builtin; -extern DOM_SID global_sid_World; extern NT_USER_TOKEN anonymous_token; /********************************************************************************* diff --git a/source/lib/util_sid.c b/source/lib/util_sid.c index 00fb40cd733..1838da1313d 100644 --- a/source/lib/util_sid.c +++ b/source/lib/util_sid.c @@ -28,29 +28,51 @@ * Some useful sids */ -DOM_SID global_sid_World_Domain; /* Everyone domain */ -DOM_SID global_sid_World; /* Everyone */ -DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner domain */ -DOM_SID global_sid_NT_Authority; /* NT Authority */ -DOM_SID global_sid_System; /* System */ -DOM_SID global_sid_NULL; /* NULL sid */ -DOM_SID global_sid_Authenticated_Users; /* All authenticated rids */ -DOM_SID global_sid_Network; /* Network rids */ - -DOM_SID global_sid_Creator_Owner; /* Creator Owner */ -DOM_SID global_sid_Creator_Group; /* Creator Group */ -DOM_SID global_sid_Anonymous; /* Anonymous login */ - -DOM_SID global_sid_Builtin; /* Local well-known domain */ -DOM_SID global_sid_Builtin_Administrators; /* Builtin administrators */ -DOM_SID global_sid_Builtin_Users; /* Builtin users */ -DOM_SID global_sid_Builtin_Guests; /* Builtin guest users */ -DOM_SID global_sid_Builtin_Power_Users; /* Builtin power users */ -DOM_SID global_sid_Builtin_Account_Operators; /* Builtin account operators */ -DOM_SID global_sid_Builtin_Server_Operators; /* Builtin server operators */ -DOM_SID global_sid_Builtin_Print_Operators; /* Builtin print operators */ -DOM_SID global_sid_Builtin_Backup_Operators; /* Builtin backup operators */ -DOM_SID global_sid_Builtin_Replicator; /* Builtin replicator */ + +const DOM_SID global_sid_World_Domain = /* Everyone domain */ +{ 1, 0, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_World = /* Everyone */ +{ 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Creator_Owner_Domain = /* Creator Owner domain */ +{ 1, 0, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_NT_Authority = /* NT Authority */ +{ 1, 0, {0,0,0,0,0,5}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_System = /* System */ +{ 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_NULL = /* NULL sid */ +{ 1, 1, {0,0,0,0,0,0}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Authenticated_Users = /* All authenticated rids */ +{ 1, 1, {0,0,0,0,0,5}, {11,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Network = /* Network rids */ +{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; + +const DOM_SID global_sid_Creator_Owner = /* Creator Owner */ +{ 1, 1, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Creator_Group = /* Creator Group */ +{ 1, 1, {0,0,0,0,0,3}, {1,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Anonymous = /* Anonymous login */ +{ 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; + +const DOM_SID global_sid_Builtin = /* Local well-known domain */ +{ 1, 1, {0,0,0,0,0,5}, {32,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Administrators = /* Builtin administrators */ +{ 1, 2, {0,0,0,0,0,5}, {32,544,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Users = /* Builtin users */ +{ 1, 2, {0,0,0,0,0,5}, {32,545,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Guests = /* Builtin guest users */ +{ 1, 2, {0,0,0,0,0,5}, {32,546,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Power_Users = /* Builtin power users */ +{ 1, 2, {0,0,0,0,0,5}, {32,547,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Account_Operators = /* Builtin account operators */ +{ 1, 2, {0,0,0,0,0,5}, {32,548,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Server_Operators = /* Builtin server operators */ +{ 1, 2, {0,0,0,0,0,5}, {32,549,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Print_Operators = /* Builtin print operators */ +{ 1, 2, {0,0,0,0,0,5}, {32,550,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Backup_Operators = /* Builtin backup operators */ +{ 1, 2, {0,0,0,0,0,5}, {32,551,0,0,0,0,0,0,0,0,0,0,0,0,0}}; +const DOM_SID global_sid_Builtin_Replicator = /* Builtin replicator */ +{ 1, 2, {0,0,0,0,0,5}, {32,552,0,0,0,0,0,0,0,0,0,0,0,0,0}}; #define SECURITY_NULL_SID_AUTHORITY 0 #define SECURITY_WORLD_SID_AUTHORITY 1 @@ -62,18 +84,15 @@ DOM_SID global_sid_Builtin_Replicator; /* Builtin replicator */ * An NT compatible anonymous token. */ -static DOM_SID anon_sid_array[3]; - -NT_USER_TOKEN anonymous_token = { - 3, - anon_sid_array -}; +static DOM_SID anon_sid_array[3] = +{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, + { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, + { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; +NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE }; -static DOM_SID system_sid_array[4]; -NT_USER_TOKEN system_token = { - 1, - system_sid_array -}; +static DOM_SID system_sid_array[1] = +{ { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; +NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS }; /**************************************************************************** Lookup string names for SID types. @@ -111,66 +130,12 @@ const char *sid_type_lookup(uint32 sid_type) return "SID *TYPE* is INVALID"; } -/**************************************************************************** - Creates some useful well known sids -****************************************************************************/ - -void generate_wellknown_sids(void) -{ - static BOOL initialised = False; - - if (initialised) - return; - - /* SECURITY_NULL_SID_AUTHORITY */ - string_to_sid(&global_sid_NULL, "S-1-0-0"); - - /* SECURITY_WORLD_SID_AUTHORITY */ - string_to_sid(&global_sid_World_Domain, "S-1-1"); - string_to_sid(&global_sid_World, "S-1-1-0"); - - /* SECURITY_CREATOR_SID_AUTHORITY */ - string_to_sid(&global_sid_Creator_Owner_Domain, "S-1-3"); - string_to_sid(&global_sid_Creator_Owner, "S-1-3-0"); - string_to_sid(&global_sid_Creator_Group, "S-1-3-1"); - - /* SECURITY_NT_AUTHORITY */ - string_to_sid(&global_sid_NT_Authority, "S-1-5"); - string_to_sid(&global_sid_Network, "S-1-5-2"); - string_to_sid(&global_sid_Anonymous, "S-1-5-7"); - string_to_sid(&global_sid_Authenticated_Users, "S-1-5-11"); - string_to_sid(&global_sid_System, "S-1-5-18"); - - /* SECURITY_BUILTIN_DOMAIN_RID */ - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - string_to_sid(&global_sid_Builtin_Administrators, "S-1-5-32-544"); - string_to_sid(&global_sid_Builtin_Users, "S-1-5-32-545"); - string_to_sid(&global_sid_Builtin_Guests, "S-1-5-32-546"); - string_to_sid(&global_sid_Builtin_Power_Users, "S-1-5-32-547"); - string_to_sid(&global_sid_Builtin_Account_Operators, "S-1-5-32-548"); - string_to_sid(&global_sid_Builtin_Server_Operators, "S-1-5-32-549"); - string_to_sid(&global_sid_Builtin_Print_Operators, "S-1-5-32-550"); - string_to_sid(&global_sid_Builtin_Backup_Operators, "S-1-5-32-551"); - string_to_sid(&global_sid_Builtin_Replicator, "S-1-5-32-552"); - - /* Create the anon token. */ - sid_copy( &anonymous_token.user_sids[0], &global_sid_World); - sid_copy( &anonymous_token.user_sids[1], &global_sid_Network); - sid_copy( &anonymous_token.user_sids[2], &global_sid_Anonymous); - - /* Create the system token. */ - sid_copy( &system_token.user_sids[0], &global_sid_System); - - initialised = True; -} - /************************************************************************** Create the SYSTEM token. ***************************************************************************/ NT_USER_TOKEN *get_system_token(void) { - generate_wellknown_sids(); /* The token is initialised here */ return &system_token; } diff --git a/source/nsswitch/wb_client.c b/source/nsswitch/wb_client.c index 3a920c1134b..5e08c0853e1 100644 --- a/source/nsswitch/wb_client.c +++ b/source/nsswitch/wb_client.c @@ -28,8 +28,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND -extern DOM_SID global_sid_NULL; /* NULL sid */ - NSS_STATUS winbindd_request(int req_type, struct winbindd_request *request, struct winbindd_response *response); diff --git a/source/nsswitch/winbindd.c b/source/nsswitch/winbindd.c index 6f4a0a27533..6840dd91871 100644 --- a/source/nsswitch/winbindd.c +++ b/source/nsswitch/winbindd.c @@ -898,8 +898,6 @@ int main(int argc, char **argv) idmap_proxyonly(); } - generate_wellknown_sids(); - /* Unblock all signals we are interested in as they may have been blocked by the parent process. */ diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c index b9fb49ea7f6..686caf19f34 100644 --- a/source/nsswitch/winbindd_util.c +++ b/source/nsswitch/winbindd_util.c @@ -24,7 +24,6 @@ #include "includes.h" #include "winbindd.h" -extern DOM_SID global_sid_Builtin; extern struct winbindd_methods cache_methods; extern struct winbindd_methods passdb_methods; @@ -105,7 +104,7 @@ static BOOL is_internal_domain(const DOM_SID *sid) /* Add a trusted domain to our list of domains */ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name, struct winbindd_methods *methods, - DOM_SID *sid) + const DOM_SID *sid) { struct winbindd_domain *domain; const char *alternative_name = NULL; diff --git a/source/passdb/machine_sid.c b/source/passdb/machine_sid.c index ae0b16273f2..ecc7d291f6d 100644 --- a/source/passdb/machine_sid.c +++ b/source/passdb/machine_sid.c @@ -86,8 +86,6 @@ static DOM_SID *pdb_generate_sam_sid(void) if(!(sam_sid=SMB_MALLOC_P(DOM_SID))) return NULL; - generate_wellknown_sids(); - switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index 090621666fb..3899949058a 100644 --- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -45,8 +45,6 @@ #include "includes.h" -extern DOM_SID global_sid_NULL; - #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB diff --git a/source/passdb/util_sam_sid.c b/source/passdb/util_sam_sid.c index 1fddfc79255..a9e1921e0d0 100644 --- a/source/passdb/util_sam_sid.c +++ b/source/passdb/util_sam_sid.c @@ -32,17 +32,11 @@ typedef struct _known_sid_users { static struct sid_name_map_info { - DOM_SID *sid; + const DOM_SID *sid; const char *name; const known_sid_users *known_users; } sid_name_map[MAX_SID_NAMES]; -extern DOM_SID global_sid_Builtin; /* Local well-known domain */ -extern DOM_SID global_sid_World_Domain; /* Everyone domain */ -extern DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner domain */ -extern DOM_SID global_sid_NT_Authority; /* NT Authority */ - - static BOOL sid_name_map_initialized = False; /* static known_sid_users no_users[] = {{0, 0, NULL}}; */ @@ -99,8 +93,6 @@ static void init_sid_name_map (void) if (sid_name_map_initialized) return; - generate_wellknown_sids(); - if ((lp_security() == SEC_USER) && lp_domain_logons()) { sid_name_map[i].sid = get_global_sam_sid(); /* This is not lp_workgroup() for good reason: diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c index 97d01d43a53..40d815cead1 100644 --- a/source/printing/nt_printing.c +++ b/source/printing/nt_printing.c @@ -23,7 +23,6 @@ #include "includes.h" extern struct current_user current_user; -extern DOM_SID global_sid_World; static TDB_CONTEXT *tdb_forms; /* used for forms files */ static TDB_CONTEXT *tdb_drivers; /* used for driver files */ diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c index f5f22d8cc07..5e949f0e63f 100644 --- a/source/rpc_server/srv_lsa_nt.c +++ b/source/rpc_server/srv_lsa_nt.c @@ -33,8 +33,6 @@ #define DBGC_CLASS DBGC_RPC_SRV extern PRIVS privs[]; -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin; struct lsa_info { DOM_SID sid; diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c index 24ff6f1f2c1..2384ddb9d35 100644 --- a/source/rpc_server/srv_samr_nt.c +++ b/source/rpc_server/srv_samr_nt.c @@ -39,9 +39,6 @@ SA_RIGHT_USER_CHANGE_PASSWORD | \ SA_RIGHT_USER_SET_LOC_COM ) -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin; - extern rid_name domain_group_rids[]; extern rid_name domain_alias_rids[]; extern rid_name builtin_alias_rids[]; diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c index d806dcdc5a4..b5768a09af0 100644 --- a/source/rpc_server/srv_srvsvc_nt.c +++ b/source/rpc_server/srv_srvsvc_nt.c @@ -24,7 +24,6 @@ #include "includes.h" -extern DOM_SID global_sid_World; extern struct generic_mapping file_generic_mapping; #undef DBGC_CLASS diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c index 910ccbb7fa4..53019dc1b23 100644 --- a/source/rpcclient/cmd_samr.c +++ b/source/rpcclient/cmd_samr.c @@ -575,9 +575,6 @@ static NTSTATUS cmd_samr_query_useraliases(struct cli_state *cli, int i; fstring server; DOM_SID2 *sid2; - DOM_SID global_sid_Builtin; - - string_to_sid(&global_sid_Builtin, "S-1-5-32"); if (argc < 3) { printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); @@ -869,11 +866,8 @@ static NTSTATUS cmd_samr_enum_als_groups(struct cli_state *cli, uint32 start_idx, size, num_als_groups, i; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; struct acct_info *als_groups; - DOM_SID global_sid_Builtin; BOOL got_connect_pol = False, got_domain_pol = False; - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - if ((argc < 2) || (argc > 3)) { printf("Usage: %s builtin|domain [access mask]\n", argv[0]); return NT_STATUS_OK; @@ -951,9 +945,6 @@ static NTSTATUS cmd_samr_query_aliasmem(struct cli_state *cli, uint32 alias_rid, num_members, i; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; DOM_SID *alias_sids; - DOM_SID global_sid_Builtin; - - string_to_sid(&global_sid_Builtin, "S-1-5-32"); if ((argc < 3) || (argc > 4)) { printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]); @@ -1364,9 +1355,6 @@ static NTSTATUS cmd_samr_lookup_names(struct cli_state *cli, uint32 num_rids, num_names, *name_types, *rids; const char **names; int i; - DOM_SID global_sid_Builtin; - - string_to_sid(&global_sid_Builtin, "S-1-5-32"); if (argc < 3) { printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]); diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c index 69b83fe3da4..4dffe870c53 100644 --- a/source/smbd/nttrans.c +++ b/source/smbd/nttrans.c @@ -21,7 +21,6 @@ #include "includes.h" -extern DOM_SID global_sid_World; extern int max_send; extern enum protocol_types Protocol; extern int smb_read_error; diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c index 31135f09071..e0d98f4b897 100644 --- a/source/smbd/posix_acls.c +++ b/source/smbd/posix_acls.c @@ -22,11 +22,6 @@ #include "includes.h" extern struct current_user current_user; -extern DOM_SID global_sid_Creator_Owner; -extern DOM_SID global_sid_Creator_Group; -extern DOM_SID global_sid_World; -extern DOM_SID global_sid_Builtin_Administrators; -extern DOM_SID global_sid_Builtin_Users; extern struct generic_mapping file_generic_mapping; #undef DBGC_CLASS @@ -1045,8 +1040,8 @@ static BOOL uid_entry_in_group( canon_ace *uid_ace, canon_ace *group_ace ) static BOOL ensure_canon_entry_valid(canon_ace **pp_ace, files_struct *fsp, - DOM_SID *pfile_owner_sid, - DOM_SID *pfile_grp_sid, + const DOM_SID *pfile_owner_sid, + const DOM_SID *pfile_grp_sid, SMB_STRUCT_STAT *pst, BOOL setting_acl) { @@ -2063,7 +2058,7 @@ static void arrange_posix_perms( char *filename, canon_ace **pp_list_head) ****************************************************************************/ static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_STRUCT_STAT *psbuf, - DOM_SID *powner, DOM_SID *pgroup, struct pai_val *pal, SMB_ACL_TYPE_T the_acl_type) + const DOM_SID *powner, const DOM_SID *pgroup, struct pai_val *pal, SMB_ACL_TYPE_T the_acl_type) { connection_struct *conn = fsp->conn; mode_t acl_mask = (S_IRUSR|S_IWUSR|S_IXUSR); diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index ca9470c8650..6e884c24dfb 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -1909,7 +1909,6 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0; struct acct_info *groups; - DOM_SID global_sid_Builtin; BOOL global = False; BOOL local = False; BOOL builtin = False; @@ -1931,8 +1930,6 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, builtin = True; } - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - /* Get sam policy handle */ result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, @@ -3278,7 +3275,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name, { NTSTATUS result; POLICY_HND connect_pol; - DOM_SID global_sid_Builtin; result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); @@ -3286,8 +3282,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name, if (!NT_STATUS_IS_OK(result)) goto done; - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - result = rpc_fetch_domain_aliases(cli, mem_ctx, &connect_pol, &global_sid_Builtin); @@ -3304,14 +3298,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name, static void init_user_token(NT_USER_TOKEN *token, DOM_SID *user_sid) { - DOM_SID global_sid_World; - DOM_SID global_sid_Network; - DOM_SID global_sid_Authenticated_Users; - - string_to_sid(&global_sid_World, "S-1-1-0"); - string_to_sid(&global_sid_Network, "S-1-5-2"); - string_to_sid(&global_sid_Authenticated_Users, "S-1-5-11"); - token->num_sids = 4; token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4); diff --git a/source/utils/net_rpc_samsync.c b/source/utils/net_rpc_samsync.c index 3ddfc5c9d9b..fa38004fe6f 100644 --- a/source/utils/net_rpc_samsync.c +++ b/source/utils/net_rpc_samsync.c @@ -24,8 +24,6 @@ #include "includes.h" #include "utils/net.h" -extern DOM_SID global_sid_Builtin; - static void display_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *g) { int i; |