class Chef::ReservedNames::Win32::Security::Token
Attributes
Public Class Methods
Source
# File lib/chef/win32/security/token.rb, line 29 def initialize(handle) @handle = handle end
Public Instance Methods
Source
# File lib/chef/win32/security/token.rb, line 57 def adjust_privileges(privileges_struct) if privileges_struct[:PrivilegeCount] > 0 Chef::ReservedNames::Win32::Security.adjust_token_privileges(self, privileges_struct) end end
Source
# File lib/chef/win32/security/token.rb, line 63 def duplicate_token(security_impersonation_level) duplicate_token_handle = FFI::Buffer.new(:ulong) unless Chef::ReservedNames::Win32::API::Security.DuplicateToken(handle.handle, security_impersonation_level, duplicate_token_handle) raise Chef::ReservedNames::Win32::Error.raise! end Token.new(Handle.new(duplicate_token_handle.read_ulong)) end
Source
# File lib/chef/win32/security/token.rb, line 35 def enable_privileges(*privilege_names) # Build the list of privileges we want to set new_privileges = Chef::ReservedNames::Win32::API::Security::TOKEN_PRIVILEGES.new( FFI::MemoryPointer.new(Chef::ReservedNames::Win32::API::Security::TOKEN_PRIVILEGES.size_with_privileges(privilege_names.length)) ) new_privileges[:PrivilegeCount] = 0 privilege_names.each do |privilege_name| luid = Chef::ReservedNames::Win32::API::Security::LUID.new # Ignore failure (with_privileges TRIES but does not guarantee success-- # APIs down the line will fail if privilege escalation fails) if Chef::ReservedNames::Win32::API::Security.LookupPrivilegeValueW(nil, privilege_name.to_wstring, luid) new_privilege = new_privileges.privilege(new_privileges[:PrivilegeCount]) new_privilege[:Luid][:LowPart] = luid[:LowPart] new_privilege[:Luid][:HighPart] = luid[:HighPart] new_privilege[:Attributes] = Chef::ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED new_privileges[:PrivilegeCount] = new_privileges[:PrivilegeCount] + 1 end end old_privileges = Chef::ReservedNames::Win32::Security.adjust_token_privileges(self, new_privileges) end