summaryrefslogtreecommitdiffstats
path: root/source
diff options
context:
space:
mode:
Diffstat (limited to 'source')
-rw-r--r--source/auth/auth_util.c5
-rw-r--r--source/groupdb/mapping.c2
-rw-r--r--source/include/smb.h22
-rw-r--r--source/lib/account_pol.c8
-rw-r--r--source/lib/secace.c2
-rw-r--r--source/lib/secdesc.c4
-rw-r--r--source/lib/util_seaccess.c2
-rw-r--r--source/lib/util_sid.c141
-rw-r--r--source/nsswitch/wb_client.c2
-rw-r--r--source/nsswitch/winbindd.c2
-rw-r--r--source/nsswitch/winbindd_util.c3
-rw-r--r--source/passdb/machine_sid.c2
-rw-r--r--source/passdb/pdb_ldap.c2
-rw-r--r--source/passdb/util_sam_sid.c10
-rw-r--r--source/printing/nt_printing.c1
-rw-r--r--source/rpc_server/srv_lsa_nt.c2
-rw-r--r--source/rpc_server/srv_samr_nt.c3
-rw-r--r--source/rpc_server/srv_srvsvc_nt.c1
-rw-r--r--source/rpcclient/cmd_samr.c12
-rw-r--r--source/smbd/nttrans.c1
-rw-r--r--source/smbd/posix_acls.c11
-rw-r--r--source/utils/net_rpc.c14
-rw-r--r--source/utils/net_rpc_samsync.c2
23 files changed, 83 insertions, 171 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 7cab3df99e4..a50a449815c 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -26,11 +26,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Network;
-extern DOM_SID global_sid_Builtin_Guests;
-extern DOM_SID global_sid_Authenticated_Users;
-
/****************************************************************************
Create a UNIX user on demand.
diff --git a/source/groupdb/mapping.c b/source/groupdb/mapping.c
index d02c5120541..6e9d9b8e6cf 100644
--- a/source/groupdb/mapping.c
+++ b/source/groupdb/mapping.c
@@ -21,8 +21,6 @@
#include "includes.h"
-extern DOM_SID global_sid_Builtin;
-
static TDB_CONTEXT *tdb; /* used for driver files */
#define DATABASE_VERSION_V1 1 /* native byte format. */
diff --git a/source/include/smb.h b/source/include/smb.h
index d12459c2f98..80b20756517 100644
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -287,6 +287,28 @@ typedef struct sid_info
} DOM_SID;
+/* Some well-known SIDs */
+extern const DOM_SID global_sid_World_Domain;
+extern const DOM_SID global_sid_World;
+extern const DOM_SID global_sid_Creator_Owner_Domain;
+extern const DOM_SID global_sid_NT_Authority;
+extern const DOM_SID global_sid_System;
+extern const DOM_SID global_sid_NULL;
+extern const DOM_SID global_sid_Authenticated_Users;
+extern const DOM_SID global_sid_Network;
+extern const DOM_SID global_sid_Creator_Owner;
+extern const DOM_SID global_sid_Creator_Group;
+extern const DOM_SID global_sid_Anonymous;
+extern const DOM_SID global_sid_Builtin;
+extern const DOM_SID global_sid_Builtin_Administrators;
+extern const DOM_SID global_sid_Builtin_Users;
+extern const DOM_SID global_sid_Builtin_Guests;
+extern const DOM_SID global_sid_Builtin_Power_Users;
+extern const DOM_SID global_sid_Builtin_Account_Operators;
+extern const DOM_SID global_sid_Builtin_Server_Operators;
+extern const DOM_SID global_sid_Builtin_Print_Operators;
+extern const DOM_SID global_sid_Builtin_Backup_Operators;
+extern const DOM_SID global_sid_Builtin_Replicator;
/*
* The complete list of SIDS belonging to this user.
diff --git a/source/lib/account_pol.c b/source/lib/account_pol.c
index 72d6e77ddda..423dc1675a6 100644
--- a/source/lib/account_pol.c
+++ b/source/lib/account_pol.c
@@ -24,14 +24,6 @@ static TDB_CONTEXT *tdb;
#define DATABASE_VERSION 2
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin_Administrators;
-extern DOM_SID global_sid_Builtin_Account_Operators;
-extern DOM_SID global_sid_Builtin_Server_Operators;
-extern DOM_SID global_sid_Builtin_Print_Operators;
-extern DOM_SID global_sid_Builtin_Backup_Operators;
-
-
/****************************************************************************
Set default for a field if it is empty
****************************************************************************/
diff --git a/source/lib/secace.c b/source/lib/secace.c
index e44d9aa940e..c550dcce311 100644
--- a/source/lib/secace.c
+++ b/source/lib/secace.c
@@ -57,7 +57,7 @@ void sec_ace_copy(SEC_ACE *ace_dest, SEC_ACE *ace_src)
Sets up a SEC_ACE structure.
********************************************************************/
-void init_sec_ace(SEC_ACE *t, DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
+void init_sec_ace(SEC_ACE *t, const DOM_SID *sid, uint8 type, SEC_ACCESS mask, uint8 flag)
{
t->type = type;
t->flags = flag;
diff --git a/source/lib/secdesc.c b/source/lib/secdesc.c
index 686a4edf77c..ace0aee8664 100644
--- a/source/lib/secdesc.c
+++ b/source/lib/secdesc.c
@@ -179,7 +179,7 @@ SEC_DESC_BUF *sec_desc_merge(TALLOC_CTX *ctx, SEC_DESC_BUF *new_sdb, SEC_DESC_BU
********************************************************************/
SEC_DESC *make_sec_desc(TALLOC_CTX *ctx, uint16 revision, uint16 type,
- DOM_SID *owner_sid, DOM_SID *grp_sid,
+ const DOM_SID *owner_sid, const DOM_SID *grp_sid,
SEC_ACL *sacl, SEC_ACL *dacl, size_t *sd_size)
{
SEC_DESC *dst;
@@ -269,7 +269,7 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src)
Creates a SEC_DESC structure with typical defaults.
********************************************************************/
-SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, DOM_SID *owner_sid, DOM_SID *grp_sid,
+SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid,
SEC_ACL *dacl, size_t *sd_size)
{
return make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE,
diff --git a/source/lib/util_seaccess.c b/source/lib/util_seaccess.c
index 362504e46b8..73fc45c844d 100644
--- a/source/lib/util_seaccess.c
+++ b/source/lib/util_seaccess.c
@@ -21,8 +21,6 @@
#include "includes.h"
-extern DOM_SID global_sid_Builtin;
-extern DOM_SID global_sid_World;
extern NT_USER_TOKEN anonymous_token;
/*********************************************************************************
diff --git a/source/lib/util_sid.c b/source/lib/util_sid.c
index 00fb40cd733..1838da1313d 100644
--- a/source/lib/util_sid.c
+++ b/source/lib/util_sid.c
@@ -28,29 +28,51 @@
* Some useful sids
*/
-DOM_SID global_sid_World_Domain; /* Everyone domain */
-DOM_SID global_sid_World; /* Everyone */
-DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner domain */
-DOM_SID global_sid_NT_Authority; /* NT Authority */
-DOM_SID global_sid_System; /* System */
-DOM_SID global_sid_NULL; /* NULL sid */
-DOM_SID global_sid_Authenticated_Users; /* All authenticated rids */
-DOM_SID global_sid_Network; /* Network rids */
-
-DOM_SID global_sid_Creator_Owner; /* Creator Owner */
-DOM_SID global_sid_Creator_Group; /* Creator Group */
-DOM_SID global_sid_Anonymous; /* Anonymous login */
-
-DOM_SID global_sid_Builtin; /* Local well-known domain */
-DOM_SID global_sid_Builtin_Administrators; /* Builtin administrators */
-DOM_SID global_sid_Builtin_Users; /* Builtin users */
-DOM_SID global_sid_Builtin_Guests; /* Builtin guest users */
-DOM_SID global_sid_Builtin_Power_Users; /* Builtin power users */
-DOM_SID global_sid_Builtin_Account_Operators; /* Builtin account operators */
-DOM_SID global_sid_Builtin_Server_Operators; /* Builtin server operators */
-DOM_SID global_sid_Builtin_Print_Operators; /* Builtin print operators */
-DOM_SID global_sid_Builtin_Backup_Operators; /* Builtin backup operators */
-DOM_SID global_sid_Builtin_Replicator; /* Builtin replicator */
+
+const DOM_SID global_sid_World_Domain = /* Everyone domain */
+{ 1, 0, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_World = /* Everyone */
+{ 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Creator_Owner_Domain = /* Creator Owner domain */
+{ 1, 0, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_NT_Authority = /* NT Authority */
+{ 1, 0, {0,0,0,0,0,5}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_System = /* System */
+{ 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_NULL = /* NULL sid */
+{ 1, 1, {0,0,0,0,0,0}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Authenticated_Users = /* All authenticated rids */
+{ 1, 1, {0,0,0,0,0,5}, {11,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Network = /* Network rids */
+{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+
+const DOM_SID global_sid_Creator_Owner = /* Creator Owner */
+{ 1, 1, {0,0,0,0,0,3}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Creator_Group = /* Creator Group */
+{ 1, 1, {0,0,0,0,0,3}, {1,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Anonymous = /* Anonymous login */
+{ 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+
+const DOM_SID global_sid_Builtin = /* Local well-known domain */
+{ 1, 1, {0,0,0,0,0,5}, {32,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Administrators = /* Builtin administrators */
+{ 1, 2, {0,0,0,0,0,5}, {32,544,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Users = /* Builtin users */
+{ 1, 2, {0,0,0,0,0,5}, {32,545,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Guests = /* Builtin guest users */
+{ 1, 2, {0,0,0,0,0,5}, {32,546,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Power_Users = /* Builtin power users */
+{ 1, 2, {0,0,0,0,0,5}, {32,547,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Account_Operators = /* Builtin account operators */
+{ 1, 2, {0,0,0,0,0,5}, {32,548,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Server_Operators = /* Builtin server operators */
+{ 1, 2, {0,0,0,0,0,5}, {32,549,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Print_Operators = /* Builtin print operators */
+{ 1, 2, {0,0,0,0,0,5}, {32,550,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Backup_Operators = /* Builtin backup operators */
+{ 1, 2, {0,0,0,0,0,5}, {32,551,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+const DOM_SID global_sid_Builtin_Replicator = /* Builtin replicator */
+{ 1, 2, {0,0,0,0,0,5}, {32,552,0,0,0,0,0,0,0,0,0,0,0,0,0}};
#define SECURITY_NULL_SID_AUTHORITY 0
#define SECURITY_WORLD_SID_AUTHORITY 1
@@ -62,18 +84,15 @@ DOM_SID global_sid_Builtin_Replicator; /* Builtin replicator */
* An NT compatible anonymous token.
*/
-static DOM_SID anon_sid_array[3];
-
-NT_USER_TOKEN anonymous_token = {
- 3,
- anon_sid_array
-};
+static DOM_SID anon_sid_array[3] =
+{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
+ { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}},
+ { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
+NT_USER_TOKEN anonymous_token = { 3, anon_sid_array, SE_NONE };
-static DOM_SID system_sid_array[4];
-NT_USER_TOKEN system_token = {
- 1,
- system_sid_array
-};
+static DOM_SID system_sid_array[1] =
+{ { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} };
+NT_USER_TOKEN system_token = { 1, system_sid_array, SE_ALL_PRIVS };
/****************************************************************************
Lookup string names for SID types.
@@ -111,66 +130,12 @@ const char *sid_type_lookup(uint32 sid_type)
return "SID *TYPE* is INVALID";
}
-/****************************************************************************
- Creates some useful well known sids
-****************************************************************************/
-
-void generate_wellknown_sids(void)
-{
- static BOOL initialised = False;
-
- if (initialised)
- return;
-
- /* SECURITY_NULL_SID_AUTHORITY */
- string_to_sid(&global_sid_NULL, "S-1-0-0");
-
- /* SECURITY_WORLD_SID_AUTHORITY */
- string_to_sid(&global_sid_World_Domain, "S-1-1");
- string_to_sid(&global_sid_World, "S-1-1-0");
-
- /* SECURITY_CREATOR_SID_AUTHORITY */
- string_to_sid(&global_sid_Creator_Owner_Domain, "S-1-3");
- string_to_sid(&global_sid_Creator_Owner, "S-1-3-0");
- string_to_sid(&global_sid_Creator_Group, "S-1-3-1");
-
- /* SECURITY_NT_AUTHORITY */
- string_to_sid(&global_sid_NT_Authority, "S-1-5");
- string_to_sid(&global_sid_Network, "S-1-5-2");
- string_to_sid(&global_sid_Anonymous, "S-1-5-7");
- string_to_sid(&global_sid_Authenticated_Users, "S-1-5-11");
- string_to_sid(&global_sid_System, "S-1-5-18");
-
- /* SECURITY_BUILTIN_DOMAIN_RID */
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
- string_to_sid(&global_sid_Builtin_Administrators, "S-1-5-32-544");
- string_to_sid(&global_sid_Builtin_Users, "S-1-5-32-545");
- string_to_sid(&global_sid_Builtin_Guests, "S-1-5-32-546");
- string_to_sid(&global_sid_Builtin_Power_Users, "S-1-5-32-547");
- string_to_sid(&global_sid_Builtin_Account_Operators, "S-1-5-32-548");
- string_to_sid(&global_sid_Builtin_Server_Operators, "S-1-5-32-549");
- string_to_sid(&global_sid_Builtin_Print_Operators, "S-1-5-32-550");
- string_to_sid(&global_sid_Builtin_Backup_Operators, "S-1-5-32-551");
- string_to_sid(&global_sid_Builtin_Replicator, "S-1-5-32-552");
-
- /* Create the anon token. */
- sid_copy( &anonymous_token.user_sids[0], &global_sid_World);
- sid_copy( &anonymous_token.user_sids[1], &global_sid_Network);
- sid_copy( &anonymous_token.user_sids[2], &global_sid_Anonymous);
-
- /* Create the system token. */
- sid_copy( &system_token.user_sids[0], &global_sid_System);
-
- initialised = True;
-}
-
/**************************************************************************
Create the SYSTEM token.
***************************************************************************/
NT_USER_TOKEN *get_system_token(void)
{
- generate_wellknown_sids(); /* The token is initialised here */
return &system_token;
}
diff --git a/source/nsswitch/wb_client.c b/source/nsswitch/wb_client.c
index 3a920c1134b..5e08c0853e1 100644
--- a/source/nsswitch/wb_client.c
+++ b/source/nsswitch/wb_client.c
@@ -28,8 +28,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
-extern DOM_SID global_sid_NULL; /* NULL sid */
-
NSS_STATUS winbindd_request(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
diff --git a/source/nsswitch/winbindd.c b/source/nsswitch/winbindd.c
index 6f4a0a27533..6840dd91871 100644
--- a/source/nsswitch/winbindd.c
+++ b/source/nsswitch/winbindd.c
@@ -898,8 +898,6 @@ int main(int argc, char **argv)
idmap_proxyonly();
}
- generate_wellknown_sids();
-
/* Unblock all signals we are interested in as they may have been
blocked by the parent process. */
diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c
index b9fb49ea7f6..686caf19f34 100644
--- a/source/nsswitch/winbindd_util.c
+++ b/source/nsswitch/winbindd_util.c
@@ -24,7 +24,6 @@
#include "includes.h"
#include "winbindd.h"
-extern DOM_SID global_sid_Builtin;
extern struct winbindd_methods cache_methods;
extern struct winbindd_methods passdb_methods;
@@ -105,7 +104,7 @@ static BOOL is_internal_domain(const DOM_SID *sid)
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
struct winbindd_methods *methods,
- DOM_SID *sid)
+ const DOM_SID *sid)
{
struct winbindd_domain *domain;
const char *alternative_name = NULL;
diff --git a/source/passdb/machine_sid.c b/source/passdb/machine_sid.c
index ae0b16273f2..ecc7d291f6d 100644
--- a/source/passdb/machine_sid.c
+++ b/source/passdb/machine_sid.c
@@ -86,8 +86,6 @@ static DOM_SID *pdb_generate_sam_sid(void)
if(!(sam_sid=SMB_MALLOC_P(DOM_SID)))
return NULL;
- generate_wellknown_sids();
-
switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c
index 090621666fb..3899949058a 100644
--- a/source/passdb/pdb_ldap.c
+++ b/source/passdb/pdb_ldap.c
@@ -45,8 +45,6 @@
#include "includes.h"
-extern DOM_SID global_sid_NULL;
-
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
diff --git a/source/passdb/util_sam_sid.c b/source/passdb/util_sam_sid.c
index 1fddfc79255..a9e1921e0d0 100644
--- a/source/passdb/util_sam_sid.c
+++ b/source/passdb/util_sam_sid.c
@@ -32,17 +32,11 @@ typedef struct _known_sid_users {
static struct sid_name_map_info
{
- DOM_SID *sid;
+ const DOM_SID *sid;
const char *name;
const known_sid_users *known_users;
} sid_name_map[MAX_SID_NAMES];
-extern DOM_SID global_sid_Builtin; /* Local well-known domain */
-extern DOM_SID global_sid_World_Domain; /* Everyone domain */
-extern DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner domain */
-extern DOM_SID global_sid_NT_Authority; /* NT Authority */
-
-
static BOOL sid_name_map_initialized = False;
/* static known_sid_users no_users[] = {{0, 0, NULL}}; */
@@ -99,8 +93,6 @@ static void init_sid_name_map (void)
if (sid_name_map_initialized) return;
- generate_wellknown_sids();
-
if ((lp_security() == SEC_USER) && lp_domain_logons()) {
sid_name_map[i].sid = get_global_sam_sid();
/* This is not lp_workgroup() for good reason:
diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c
index 97d01d43a53..40d815cead1 100644
--- a/source/printing/nt_printing.c
+++ b/source/printing/nt_printing.c
@@ -23,7 +23,6 @@
#include "includes.h"
extern struct current_user current_user;
-extern DOM_SID global_sid_World;
static TDB_CONTEXT *tdb_forms; /* used for forms files */
static TDB_CONTEXT *tdb_drivers; /* used for driver files */
diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c
index f5f22d8cc07..5e949f0e63f 100644
--- a/source/rpc_server/srv_lsa_nt.c
+++ b/source/rpc_server/srv_lsa_nt.c
@@ -33,8 +33,6 @@
#define DBGC_CLASS DBGC_RPC_SRV
extern PRIVS privs[];
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin;
struct lsa_info {
DOM_SID sid;
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index 24ff6f1f2c1..2384ddb9d35 100644
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -39,9 +39,6 @@
SA_RIGHT_USER_CHANGE_PASSWORD | \
SA_RIGHT_USER_SET_LOC_COM )
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin;
-
extern rid_name domain_group_rids[];
extern rid_name domain_alias_rids[];
extern rid_name builtin_alias_rids[];
diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c
index d806dcdc5a4..b5768a09af0 100644
--- a/source/rpc_server/srv_srvsvc_nt.c
+++ b/source/rpc_server/srv_srvsvc_nt.c
@@ -24,7 +24,6 @@
#include "includes.h"
-extern DOM_SID global_sid_World;
extern struct generic_mapping file_generic_mapping;
#undef DBGC_CLASS
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index 910ccbb7fa4..53019dc1b23 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -575,9 +575,6 @@ static NTSTATUS cmd_samr_query_useraliases(struct cli_state *cli,
int i;
fstring server;
DOM_SID2 *sid2;
- DOM_SID global_sid_Builtin;
-
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
if (argc < 3) {
printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
@@ -869,11 +866,8 @@ static NTSTATUS cmd_samr_enum_als_groups(struct cli_state *cli,
uint32 start_idx, size, num_als_groups, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct acct_info *als_groups;
- DOM_SID global_sid_Builtin;
BOOL got_connect_pol = False, got_domain_pol = False;
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
-
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
return NT_STATUS_OK;
@@ -951,9 +945,6 @@ static NTSTATUS cmd_samr_query_aliasmem(struct cli_state *cli,
uint32 alias_rid, num_members, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
DOM_SID *alias_sids;
- DOM_SID global_sid_Builtin;
-
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
if ((argc < 3) || (argc > 4)) {
printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
@@ -1364,9 +1355,6 @@ static NTSTATUS cmd_samr_lookup_names(struct cli_state *cli,
uint32 num_rids, num_names, *name_types, *rids;
const char **names;
int i;
- DOM_SID global_sid_Builtin;
-
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
if (argc < 3) {
printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c
index 69b83fe3da4..4dffe870c53 100644
--- a/source/smbd/nttrans.c
+++ b/source/smbd/nttrans.c
@@ -21,7 +21,6 @@
#include "includes.h"
-extern DOM_SID global_sid_World;
extern int max_send;
extern enum protocol_types Protocol;
extern int smb_read_error;
diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index 31135f09071..e0d98f4b897 100644
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -22,11 +22,6 @@
#include "includes.h"
extern struct current_user current_user;
-extern DOM_SID global_sid_Creator_Owner;
-extern DOM_SID global_sid_Creator_Group;
-extern DOM_SID global_sid_World;
-extern DOM_SID global_sid_Builtin_Administrators;
-extern DOM_SID global_sid_Builtin_Users;
extern struct generic_mapping file_generic_mapping;
#undef DBGC_CLASS
@@ -1045,8 +1040,8 @@ static BOOL uid_entry_in_group( canon_ace *uid_ace, canon_ace *group_ace )
static BOOL ensure_canon_entry_valid(canon_ace **pp_ace,
files_struct *fsp,
- DOM_SID *pfile_owner_sid,
- DOM_SID *pfile_grp_sid,
+ const DOM_SID *pfile_owner_sid,
+ const DOM_SID *pfile_grp_sid,
SMB_STRUCT_STAT *pst,
BOOL setting_acl)
{
@@ -2063,7 +2058,7 @@ static void arrange_posix_perms( char *filename, canon_ace **pp_list_head)
****************************************************************************/
static canon_ace *canonicalise_acl( files_struct *fsp, SMB_ACL_T posix_acl, SMB_STRUCT_STAT *psbuf,
- DOM_SID *powner, DOM_SID *pgroup, struct pai_val *pal, SMB_ACL_TYPE_T the_acl_type)
+ const DOM_SID *powner, const DOM_SID *pgroup, struct pai_val *pal, SMB_ACL_TYPE_T the_acl_type)
{
connection_struct *conn = fsp->conn;
mode_t acl_mask = (S_IRUSR|S_IWUSR|S_IXUSR);
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index ca9470c8650..6e884c24dfb 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -1909,7 +1909,6 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0;
struct acct_info *groups;
- DOM_SID global_sid_Builtin;
BOOL global = False;
BOOL local = False;
BOOL builtin = False;
@@ -1931,8 +1930,6 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name,
builtin = True;
}
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
-
/* Get sam policy handle */
result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
@@ -3278,7 +3275,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name,
{
NTSTATUS result;
POLICY_HND connect_pol;
- DOM_SID global_sid_Builtin;
result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -3286,8 +3282,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name,
if (!NT_STATUS_IS_OK(result))
goto done;
- string_to_sid(&global_sid_Builtin, "S-1-5-32");
-
result = rpc_fetch_domain_aliases(cli, mem_ctx, &connect_pol,
&global_sid_Builtin);
@@ -3304,14 +3298,6 @@ rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name,
static void init_user_token(NT_USER_TOKEN *token, DOM_SID *user_sid)
{
- DOM_SID global_sid_World;
- DOM_SID global_sid_Network;
- DOM_SID global_sid_Authenticated_Users;
-
- string_to_sid(&global_sid_World, "S-1-1-0");
- string_to_sid(&global_sid_Network, "S-1-5-2");
- string_to_sid(&global_sid_Authenticated_Users, "S-1-5-11");
-
token->num_sids = 4;
token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4);
diff --git a/source/utils/net_rpc_samsync.c b/source/utils/net_rpc_samsync.c
index 3ddfc5c9d9b..fa38004fe6f 100644
--- a/source/utils/net_rpc_samsync.c
+++ b/source/utils/net_rpc_samsync.c
@@ -24,8 +24,6 @@
#include "includes.h"
#include "utils/net.h"
-extern DOM_SID global_sid_Builtin;
-
static void display_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *g)
{
int i;