Status of Kerberos Support across Samba versions
Nicolas Williams
Nicolas.Williams at ubsw.com
Tue May 9 13:43:18 GMT 2000
Re: Status of Kerberos Support across Samba versions
> On Tue, 9 May 2000, Nicolas Williams wrote:
>
> > Remember, most modern Unix kernels (*BSD, Solaris) (Linux?) already
> > store POSIX creds in a fairly opaque cred_t struct type and provide
> > utility functions for comparing uid_t and gid_t values to a given cred_t
> > value.
>
> > So it should be possible to re-shape the cred kernel struct to be
> > extensible, e.g., to support multipe credential types, without having to
> > re-write any or much existing FS driver code.
>
> cred_t doesn't show up anywhere under /usr/include/ on any of my Linux
> systems, and I've never heard of a syscall like that. If it exists at
> all, it won't show up until Linux 2.4, so perhaps this is the first
> thing for people to push on the linux-kernel list if they're interested
> in seeing support for SIDs...
Oh, that's too bad. I know nothing about Linux kernel source. But I know
that *BSD and Solaris do have a cred struct and cred_t typedef and
several internal functions (not syscalls) that support access to and
comparisons of cred structs. The effect of this is to make credentials
somewhat opaque to most of the kernel source.
It's not a big step from that state of affairs to supporting multiple
credential types...
> Steve Langasek
> postmodern programmer
Nico
--
More information about the samba-technical
mailing list