From e7732d050881bf6aa11a7846683bd3ef79558bb4 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sat, 11 Dec 2004 13:19:41 +0000
Subject: r4151: added privilege attribute handling on samdb.

pvfs will now honor some privileges on ACLs, and it will be quite easy
to add the checks for more privileges in the necessary places, by
making calls to sec_privilege_check().
---
 source/auth/auth_util.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'source/auth/auth_util.c')

diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 4a60c3f847a..2b6d5324eed 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -353,6 +353,7 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
 {
 	struct security_token *ptoken;
 	int i;
+	NTSTATUS status;
 
 	ptoken = security_token_initialise(mem_ctx);
 	if (ptoken == NULL) {
@@ -397,6 +398,13 @@ NTSTATUS create_security_token(TALLOC_CTX *mem_ctx,
 			ptoken->sids[ptoken->num_sids++] = groupSIDs[i];
 		}
 	}
+
+	/* setup the privilege mask for this token */
+	status = samdb_privilege_setup(ptoken);
+	if (!NT_STATUS_IS_OK(status)) {
+		talloc_free(ptoken);
+		return status;
+	}
 	
 	debug_security_token(DBGC_AUTH, 10, ptoken);
 	
-- 
cgit