Fetching Unix account information.
noyd at u.washington.edu
Thu May 13 23:21:00 GMT 1999
In the most recent version of Samba code I've retrieved with CVS, I see an
incease in the use of OS routines for obtaining account information. In
previous samba versions, I could replace the "Get_Pwnam()" and be assured
that I had control of what data samba obtained. Now there appears to be a
function hashed_getpwnam() as well.
The hashed_getpwnam() is a solution to a performance problem with
an OS implimentation of "getpwnam()". The usefulness of that
solution will depend greatly on the algorithms used in
getpwnam(),setpwent(),getpwent(),endpwent() and the size of the
unix account database. This sort of code ought to be configured
--with-slow-getpwnam for those OS that need it.
There is also the routine uidtoname(), which is getting increased use.
In samba 2.0.3 (samba-latest.tar) it was used to provide a text string for
display in the status report. Now in subsequent source it also is being
used as glue to tie together the entries in the Unix, SMB and SAM
databases. This new use of the Unix uid seems to add a requirement that
the Get_Pwnam()&hashed_getpwnam() functions provide a unique uid for each
Unix account name. I'd rather not do that for one of my configurations of
Samba where I can best authorize access using a single unix uid. I could
use a --without-uidtoname configuration option to circumvent any attempt
to obtain account information using a unix uid.
Computing & Communications 354843, University of Washington
E-mail: noyd at u.washington.edu Phone: (206) 543-5852
More information about the samba-ntdom