s3-secdesc: use SEC_FLAG_SYSTEM_SECURITY instead of SEC_RIGHT_SYSTEM_SECURITY.

Guenther

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 451461744b7896dda2316c0c0845bccf7302d10f..a0ae82a73c1b1353828fc42d9a1bce8ae6c21c5a 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2400,9 +2400,9 @@ static NTSTATUS open_directory(connection_struct *conn,
        }
 
        /* We need to support SeSecurityPrivilege for this. */
-       if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+       if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
                DEBUG(10, ("open_directory: open on %s "
-                       "failed - SEC_RIGHT_SYSTEM_SECURITY denied.\n",
+                       "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
                        fname));
                return NT_STATUS_PRIVILEGE_NOT_HELD;
        }
@@ -2946,7 +2946,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
 
 #if 0
        /* We need to support SeSecurityPrivilege for this. */
-       if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
+       if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
            !user_has_privileges(current_user.nt_user_token,
                                 &se_security)) {
                status = NT_STATUS_PRIVILEGE_NOT_HELD;
@@ -2954,7 +2954,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
        }
 #else
        /* We need to support SeSecurityPrivilege for this. */
-       if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+       if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
                status = NT_STATUS_PRIVILEGE_NOT_HELD;
                goto fail;
        }

diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c
index a504bcfd0b6a1cf24dd1701c9a4067ca7d2672f2..d6cdd982c3db1e45718a15bb1440b25fb628078c 100644 (file)
--- a/source3/utils/net_registry.c
+++ b/source3/utils/net_registry.c
@@ -412,10 +412,10 @@ static int net_registry_getsd(struct net_context *c, int argc,
        TALLOC_CTX *ctx = talloc_stackframe();
        uint32_t access_mask = REG_KEY_READ |
                               SEC_FLAG_MAXIMUM_ALLOWED |
-                              SEC_RIGHT_SYSTEM_SECURITY;
+                              SEC_FLAG_SYSTEM_SECURITY;
 
        /*
-        * net_rpc_regsitry uses SEC_RIGHT_SYSTEM_SECURITY, but access
+        * net_rpc_regsitry uses SEC_FLAG_SYSTEM_SECURITY, but access
         * is denied with these perms right now...
         */
        access_mask = REG_KEY_READ;

diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c
index 3076866a3a9e6a608ba88094f0cbbcf76ae75d6b..cad605fdde4fe7fb73f9b6e5a607cdcd58f1548b 100644 (file)
--- a/source3/utils/net_rpc_registry.c
+++ b/source3/utils/net_rpc_registry.c
@@ -1148,7 +1148,7 @@ static NTSTATUS rpc_registry_getsd_internal(struct net_context *c,
        struct security_descriptor sec_desc;
        uint32_t access_mask = REG_KEY_READ |
                               SEC_FLAG_MAXIMUM_ALLOWED |
-                              SEC_RIGHT_SYSTEM_SECURITY;
+                              SEC_FLAG_SYSTEM_SECURITY;
 
        if (argc <1 || argc > 2 || c->display_usage) {
                d_printf("Usage:    net rpc registry getsd <path> <secinfo>\n");