From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 14 Sep 2023 22:52:51 +0000 (+1200)
Subject: libgpo: Reimplmeent registry_create_system_token() using get_system_token()
X-Git-Tag: tevent-0.16.0~424
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d027200a02e07c6a80e5bf3854af836d10b01b7d;p=thirdparty%2Fsamba.git

libgpo: Reimplmeent registry_create_system_token() using get_system_token()

This helps ensure we have a smaller number of places that
a struct security_token starts from.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
---

diff --git a/libgpo/gpo_reg.c b/libgpo/gpo_reg.c
index f52173ea189..a1a8d7d1a07 100644
--- a/libgpo/gpo_reg.c
+++ b/libgpo/gpo_reg.c
@@ -35,23 +35,17 @@
 
 struct security_token *registry_create_system_token(TALLOC_CTX *mem_ctx)
 {
-	struct security_token *token = NULL;
+	const struct security_token *system_token = get_system_token();
 
-	token = talloc_zero(mem_ctx, struct security_token);
-	if (!token) {
-		DEBUG(1,("talloc failed\n"));
-		return NULL;
-	}
-
-	token->privilege_mask = SE_ALL_PRIVS;
+	struct security_token *dup_token
+		= security_token_duplicate(mem_ctx, system_token);
 
-	if (!NT_STATUS_IS_OK(add_sid_to_array(token, &global_sid_System,
-			 &token->sids, &token->num_sids))) {
-		DEBUG(1,("Error adding nt-authority system sid to token\n"));
+	if (dup_token == NULL) {
+		DBG_WARNING("security_token_duplicate() failed\n");
 		return NULL;
 	}
 
-	return token;
+	return dup_token;
 }
 
 /****************************************************************