| blob | 624817e32e0285364b8e90c9d28bdab9a55bb69d |
1 /*
2 * Unix SMB/CIFS implementation.
3 *
4 * default privileges backend for passdb
5 *
6 * Copyright (C) Andrew Tridgell 2003
7 *
8 * This program is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License as published by the Free
10 * Software Foundation; either version 2 of the License, or (at your option)
11 * any later version.
12 *
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 * more details.
17 *
18 * You should have received a copy of the GNU General Public License along with
19 * this program; if not, write to the Free Software Foundation, Inc., 675
20 * Mass Ave, Cambridge, MA 02139, USA.
21 */
25 /*
26 this is a local implementation of a privileges backend, with
27 privileges stored in a tdb. Most passdb implementations will
28 probably use this backend, although some (such as pdb_ldap) will
29 store the privileges in another manner.
31 The basic principle is that the backend should store a list of SIDs
32 associated with each right, where a right is a string name such as
33 'SeTakeOwnershipPrivilege'. The SIDs can be of any type, and do not
34 need to belong to the local domain.
36 The way this is used is that certain places in the code which
37 require access control will ask the privileges backend 'does this
38 user have the following privilege'. The 'user' will be a NT_TOKEN,
39 which is essentially just a list of SIDs. If any of those SIDs are
40 listed in the list of SIDs for that privilege then the answer will
41 be 'yes'. That will usually mean that the user gets unconditional
42 access to that functionality, regradless of any ACLs. In this way
43 privileges act in a similar fashion to unix setuid bits.
44 */
46 /*
47 The terms 'right' and 'privilege' are used interchangably in this
48 file. This follows MSDN convention where the LSA calls are calls on
49 'rights', which really means privileges. My apologies for the
50 confusion.
51 */
54 /* 15 seconds seems like an ample time for timeouts on the privileges db */
55 #define LOCK_TIMEOUT 15
58 /* the tdb handle for the privileges database */
62 /* initialise the privilege database */
64 {
70 }
73 }
75 /*
76 lock the record for a particular privilege (write lock)
77 */
79 {
82 }
84 }
86 /*
87 unlock the record for a particular privilege (write lock)
88 */
90 {
92 }
95 /*
96 return a list of SIDs that have a particular right
97 */
101 {
102 TDB_DATA data;
108 }
115 }
117 /* count them */
120 }
123 /* allocate and parse */
127 }
132 }
134 }
139 }
141 /*
142 set what accounts have a given right - this is an internal interface
143 */
145 uint32 count,
147 {
148 TDB_DATA data;
154 }
156 /* allocate the maximum size that we might use */
160 }
167 }
174 }
178 }
181 /*
182 add a SID to the list of SIDs for a right
183 */
186 {
187 NTSTATUS status;
189 uint32 current_count;
195 }
201 }
203 /* maybe that SID is already listed? this is not an error */
209 }
210 }
212 /* add it in */
217 }
220 current_count++;
228 }
231 /*
232 remove a SID from the list of SIDs for a right
233 */
236 {
237 NTSTATUS status;
239 uint32 current_count;
245 }
251 }
255 /* found it - so remove it */
259 }
260 current_count--;
262 current_count,
263 current_sids);
267 }
268 }
270 /* removing a right that you don't have is not an error */
275 }
278 /*
279 an internal function for checking if a SID has a right
280 */
282 {
283 NTSTATUS status;
284 uint32 count;
291 }
296 }
297 }
301 }
303 /*
304 list the rights for an account. This involves traversing the database
305 */
309 {
315 }
331 }
335 }
338 }
341 }