KCC: improved documentation for verify_graph_directed_double_ring
[Samba.git] / source3 / registry / reg_util_token.c
blobd599b3a33dd073ae8eeb99ad87776ad7396f0784
1 /*
2 * Unix SMB/CIFS implementation.
3 * Registry helper routines
4 * Copyright (C) Michael Adam 2007
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 3 of the License, or (at your option)
9 * any later version.
11 * This program is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "reg_util_token.h"
22 #include "../libcli/security/security.h"
25 * create a fake token just with enough rights to
26 * locally access the registry:
28 * - builtin administrators sid
29 * - disk operators privilege
31 NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
32 struct security_token **ptoken)
34 NTSTATUS status;
35 struct security_token *token = NULL;
37 if (ptoken == NULL) {
38 return NT_STATUS_INVALID_PARAMETER;
41 token = talloc_zero(mem_ctx, struct security_token);
42 if (token == NULL) {
43 DEBUG(1, ("talloc failed\n"));
44 status = NT_STATUS_NO_MEMORY;
45 goto done;
47 security_token_set_privilege(token, SEC_PRIV_DISK_OPERATOR);
49 status = add_sid_to_array(token, &global_sid_Builtin_Administrators,
50 &token->sids, &token->num_sids);
51 if (!NT_STATUS_IS_OK(status)) {
52 DEBUG(1, ("Error adding builtin administrators sid "
53 "to fake token.\n"));
54 goto done;
57 *ptoken = token;
59 done:
60 return status;