From: Andreas Schneider Date: Fri, 22 Jun 2012 13:38:25 +0000 (+0200) Subject: s3-printing: Remove deprecated lp_printer_admin(). X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=commitdiff_plain;h=98ab0740946f8ffff72e96465270efaea01e9459 s3-printing: Remove deprecated lp_printer_admin(). --- diff --git a/examples/scripts/shares/python/smbparm.py b/examples/scripts/shares/python/smbparm.py index 37939921b65..8dca781ffcb 100644 --- a/examples/scripts/shares/python/smbparm.py +++ b/examples/scripts/shares/python/smbparm.py @@ -257,7 +257,6 @@ parm_table = { "PARANOIDSERVERSECURITY" : ("paranoid server security", SambaParmBool, P_GLOBAL, "Yes"), "WTMPDIRECTORY" : ("wtmp directory", SambaParmString, P_GLOBAL, ""), "ADDPRINTERCOMMAND" : ("addprinter command", SambaParmString, P_GLOBAL, ""), - "PRINTERADMIN" : ("printer admin", SambaParmString, P_LOCAL, ""), "WINSSERVER" : ("wins server", SambaParmString, P_GLOBAL, ""), "LDAPTIMEOUT" : ("ldap timeout", SambaParmString, P_GLOBAL, "15"), "LOCKDIRECTORY" : ("lock directory", SambaParmString, P_GLOBAL, "/var/lib/samba"), diff --git a/source3/include/proto.h b/source3/include/proto.h index 1fced14d1d3..979bcfe0ced 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1263,7 +1263,6 @@ char *lp_force_user(int ); char *lp_force_group(int ); const char **lp_readlist(int ); const char **lp_writelist(int ); -const char **lp_printer_admin(int ); char *lp_fstype(int ); const char **lp_vfs_objects(int ); char *lp_msdfs_proxy(int ); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index ba57553802a..e31c0472301 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -179,7 +179,6 @@ static struct loadparm_service sDefault = .force_group = NULL, .readlist = NULL, .writelist = NULL, - .printer_admin = NULL, .volume = NULL, .fstype = NULL, .szVfsObjects = NULL, @@ -1020,15 +1019,6 @@ static struct parm_struct parm_table[] = { .enum_list = NULL, .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE, }, - { - .label = "printer admin", - .type = P_LIST, - .p_class = P_LOCAL, - .offset = LOCAL_VAR(printer_admin), - .special = NULL, - .enum_list = NULL, - .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_PRINT | FLAG_DEPRECATED, - }, { .label = "force user", .type = P_STRING, diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 9e7ca408342..b821d28326b 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1783,17 +1783,6 @@ bool print_access_check(const struct auth_session_info *session_info, DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE")); - /* see if we need to try the printer admin list */ - - if (!NT_STATUS_IS_OK(status) && - (token_contains_name_in_list(uidtoname(session_info->unix_token->uid), - session_info->info->domain_name, - NULL, session_info->security_token, - lp_printer_admin(snum)))) { - talloc_destroy(mem_ctx); - return True; - } - talloc_destroy(mem_ctx); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 8278ae8390e..b67d5718073 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -1811,13 +1811,8 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, if ((p->session_info->unix_token->uid != sec_initial_uid()) && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && - !nt_token_check_sid(&global_sid_Builtin_Print_Operators, p->session_info->security_token) && - !token_contains_name_in_list( - uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, - lp_printer_admin(snum))) { + !nt_token_check_sid(&global_sid_Builtin_Print_Operators, + p->session_info->security_token)) { close_printer_handle(p, r->out.handle); ZERO_STRUCTP(r->out.handle); DEBUG(3,("access DENIED as user is not root, " @@ -2081,15 +2076,9 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ( (p->session_info->unix_token->uid != sec_initial_uid()) - && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) - && !token_contains_name_in_list( - uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, - lp_printer_admin(-1)) ) - { + if ((p->session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(p->session_info->security_token, + SEC_PRIV_PRINT_OPERATOR)) { return WERR_ACCESS_DENIED; } @@ -2226,14 +2215,9 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ( (p->session_info->unix_token->uid != sec_initial_uid()) - && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) - && !token_contains_name_in_list( - uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, lp_printer_admin(-1)) ) - { + if ((p->session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(p->session_info->security_token, + SEC_PRIV_PRINT_OPERATOR)) { return WERR_ACCESS_DENIED; } @@ -8664,12 +8648,8 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && - !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, - lp_printer_admin(snum))) { + !security_token_has_privilege(p->session_info->security_token, + SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; } @@ -8742,12 +8722,8 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, } if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && - !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, - lp_printer_admin(snum))) { + !security_token_has_privilege(p->session_info->security_token, + SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; } @@ -8816,12 +8792,8 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && - !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info->domain_name, - NULL, - p->session_info->security_token, - lp_printer_admin(snum))) { + !security_token_has_privilege(p->session_info->security_token, + SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; }