1 2/* 3 Unix SMB/CIFS implementation. 4 SMB parameters and setup 5 Copyright (C) Andrew Tridgell 1992-1997 6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997 7 Copyright (C) Paul Ashton 1997 8 Copyright (C) Simo Sorce 2003 9 Copyright (C) Gerald (Jerry) Carter 2005 10 11 This program is free software; you can redistribute it and/or modify 12 it under the terms of the GNU General Public License as published by 13 the Free Software Foundation; either version 3 of the License, or 14 (at your option) any later version. 15 16 This program is distributed in the hope that it will be useful, 17 but WITHOUT ANY WARRANTY; without even the implied warranty of 18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 GNU General Public License for more details. 20 21 You should have received a copy of the GNU General Public License 22 along with this program. If not, see <http://www.gnu.org/licenses/>. 23*/ 24 25#ifndef PRIVILEGES_H 26#define PRIVILEGES_H 27 28/* privilege bitmask */ 29 30#define SE_PRIV_MASKSIZE 4 31 32typedef struct { 33 uint32 mask[SE_PRIV_MASKSIZE]; 34} SE_PRIV; 35 36 37/* common privilege defines */ 38 39#define SE_END { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } 40#define SE_NONE { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } 41#define SE_ALL_PRIVS { { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF } } 42 43 44/* 45 * We will use our own set of privileges since it makes no sense 46 * to implement all of the Windows set when only a portion will 47 * be used. Use 128-bit mask to give room to grow. 48 */ 49 50#define SE_NETWORK_LOGON { { 0x00000001, 0x00000000, 0x00000000, 0x00000000 } } 51#define SE_INTERACTIVE_LOGON { { 0x00000002, 0x00000000, 0x00000000, 0x00000000 } } 52#define SE_BATCH_LOGON { { 0x00000004, 0x00000000, 0x00000000, 0x00000000 } } 53#define SE_SERVICE_LOGON { { 0x00000008, 0x00000000, 0x00000000, 0x00000000 } } 54#define SE_MACHINE_ACCOUNT { { 0x00000010, 0x00000000, 0x00000000, 0x00000000 } } 55#define SE_PRINT_OPERATOR { { 0x00000020, 0x00000000, 0x00000000, 0x00000000 } } 56#define SE_ADD_USERS { { 0x00000040, 0x00000000, 0x00000000, 0x00000000 } } 57#define SE_DISK_OPERATOR { { 0x00000080, 0x00000000, 0x00000000, 0x00000000 } } 58#define SE_REMOTE_SHUTDOWN { { 0x00000100, 0x00000000, 0x00000000, 0x00000000 } } 59#define SE_BACKUP { { 0x00000200, 0x00000000, 0x00000000, 0x00000000 } } 60#define SE_RESTORE { { 0x00000400, 0x00000000, 0x00000000, 0x00000000 } } 61#define SE_TAKE_OWNERSHIP { { 0x00000800, 0x00000000, 0x00000000, 0x00000000 } } 62#define SE_SECURITY { { 0x00001000, 0x00000000, 0x00000000, 0x00000000 } } 63 64/* defined in lib/privilegs_basic.c */ 65 66extern const SE_PRIV se_priv_all; 67 68extern const SE_PRIV se_priv_none; 69extern const SE_PRIV se_machine_account; 70extern const SE_PRIV se_print_operator; 71extern const SE_PRIV se_add_users; 72extern const SE_PRIV se_disk_operators; 73extern const SE_PRIV se_remote_shutdown; 74extern const SE_PRIV se_restore; 75extern const SE_PRIV se_take_ownership; 76extern const SE_PRIV se_security; 77 78 79/* 80 * These are used in Lsa replies (srv_lsa_nt.c) 81 */ 82 83typedef struct { 84 uint32 high; 85 uint32 low; 86} LUID; 87 88typedef struct { 89 LUID luid; 90 uint32 attr; 91} LUID_ATTR; 92 93typedef struct { 94 TALLOC_CTX *mem_ctx; 95 bool ext_ctx; 96 uint32 count; 97 uint32 control; 98 LUID_ATTR *set; 99} PRIVILEGE_SET; 100 101typedef struct { 102 SE_PRIV se_priv; 103 const char *name; 104 const char *description; 105 LUID luid; 106} PRIVS; 107 108#endif /* PRIVILEGES_H */ 109