auth: Use only security_token_is_system to determine that a user is SYSTEM

This removes the duplication on how to detect that a user is system in Samba
now that the smbd system account is also only SID_NT_SYSTEM we can use the same
check everywhere.

Andrew Bartlett

Signed-off-by: Andreas Schneider <asn@samba.org>

diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index b0494f99ecff2be372497b845737d8437f7b1d93..0bed671039747f782e9616707e9a0987d700cd3a 100644 (file)
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -60,11 +60,6 @@ interface auth
        } auth_user_info_torture;
 
        typedef [public] struct {
-               /* These match exactly the values from the
-                * auth_serversupplied_info, but should be changed to
-                * checks involving just the SIDs */
-               boolean8 system;
-
                [unique,charset(UTF8),string] char *unix_name;
 
                /*

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 91fecfedbf3accfeea6f9bc641be959f9438e524..2ac46e6c5fe105df56f8dd74ac3893c21e4d2d3b 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -506,8 +506,6 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
        session_info->unix_info->sanitized_username =
                                talloc_strdup(session_info->unix_info, tmp);
 
-       session_info->unix_info->system = server_info->system;
-
        if (session_key) {
                data_blob_free(&session_info->session_key);
                session_info->session_key = data_blob_talloc(session_info,
@@ -1047,8 +1045,6 @@ static NTSTATUS make_new_session_info_system(TALLOC_CTX *mem_ctx,
                return status;
        }
 
-       (*session_info)->unix_info->system = true;
-
        TALLOC_FREE((*session_info)->security_token->sids);
        (*session_info)->security_token->num_sids = 0;
 

diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index 77888ea1e8526182934e43f5dd94b002fe1e8919..b52e88c7a91ce44bf9ea12ff9e2edfafc6172d79 100644 (file)
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -2711,7 +2711,7 @@ static NTSTATUS get_user_info_18(struct pipes_struct *p,
 
        ZERO_STRUCTP(r);
 
-       if (p->session_info->unix_info->system) {
+       if (security_token_is_system(p->session_info->security_token)) {
                goto query;
        }
 

diff --git a/source4/auth/unix_token.c b/source4/auth/unix_token.c
index 7a7d464f0d38b089af634b83ee389122ca02a1e7..38109452a4bc8095ef527cfce02a774d5cc68909 100644 (file)
--- a/source4/auth/unix_token.c
+++ b/source4/auth/unix_token.c
@@ -142,8 +142,6 @@ NTSTATUS auth_session_info_fill_unix(struct wbc_context *wbc_ctx,
        session_info->unix_info = talloc_zero(session_info, struct auth_user_info_unix);
        NT_STATUS_HAVE_NO_MEMORY(session_info->unix_info);
 
-       session_info->unix_info->system = security_token_is_system(session_info->security_token);
-
        session_info->unix_info->unix_name = talloc_asprintf(session_info->unix_info,
                                                             "%s%s%s", session_info->info->domain_name,
                                                             lpcfg_winbind_separator(lp_ctx),