privileges patches

Andrew Bartlett abartlet at
Wed Sep 8 20:33:50 MDT 2010

On Sat, 2010-09-04 at 10:06 +1000, tridge at wrote:
> Hi Michael and Volker,
> I've reviewed Andrew's session-info branch (which has the privileges
> changes), and I'm now happy with it after asking for a few tidyups and
> minor bug fixes, including adding backwards compatibility support for
> the existing s3 privileges database format. I've signed off on the
> patches.
> I think it is a very nice consolidation of the privileges code, and it
> achieves an important milestone of making the security_token structure
> in common between Samba3 and Samba4. That will make it much easier to
> share a large range of authentication related code.
> So I'd like it to be merged into master, but as you have both raised
> concerns I'd like to check with you first. 
> I understand that you like the SE_PRIV structure, but I think if you
> look at the final result of the patch you'll see that it really is an
> improvement in readability as the old code was rather obscure. For
> example, look at is_any_privilege_assigned() from the old code, which
> does some pretty obscure bit manipulations.
> So do you object to Andrew pushing this into master?

Michael and Volker,

I'm hoping to have this in the tree in the next couple of days.  To do
that while ensuring that I've addressed your concerns, I need you to let
me know if you intend to do a further review of the final patch.

Tridge has signed off on the changes, after I corrected the issues his
extensive and careful investigation found, and so I hope that we can
merge this soon.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list