Security Identifier (SID) to User Identifier (uid) Resolution System

Steve Langasek vorlon at
Tue Jan 4 20:04:10 GMT 2000

On Wed, 5 Jan 2000, Cole, Timothy D. wrote:

> 	On another note, although it's not really relevent to Samba, over
> the holiday I was actually pondering sticking a SURS-like table in a hidden
> inode on an ext2/3 filesystem, mapping between uids/gids on the disk and
> SIDs.  The kernel patch would also include a SURS-like mapping table
> in-kernel, which would map between SIDs and "system" uids/gids (which might
> well be different from those on disk).

> 	The kernel table would be filled out from userspace, having a few
> initial entries for root and the like hard-coded.   SIDs with no kernel
> entry would map to uid/gid -2 (nobody), until such time as a mapping were
> added from userspace.  Mapping between fs uids/gids and "system" uids/gids
> would be done by the filesystem driver, so none of the existing interfaces
> would really have to change -- no hits from comparing SIDs everywhere, it's
> still all word-size integers.

Intriguing.  It's probably not that important for a first implementation, but
would it be possible to make the default 'nobody' SID mapping configurable via
a mount option?

-Steve Langasek
postmodern programmer

More information about the samba-technical mailing list