latest passdb checkins

Simo Sorce simo.sorce at polimi.it
Tue Nov 21 14:25:22 GMT 2000 

Simo Sorce wrote:
> 
> Gerald Carter wrote:
> >
> > Folks,
> >
> > With the latest checkins of passdb changes to HEAD,
....


> Hi, when I created it I hit the problem the tdb has only one index.
                   ^^^^^^
ooppps rereading my message it may seem that I claim to have created
TDB, what I mean obviously is when I coded tdb_passdb :)


> We may change to GnuDBM or BerkeleyDBM (just reading the implementation,
> but which platforms we will cut using this DBs ?)
^^^^^^

maybe I am wrong, but at a first read I've seen that also Berkley DBM
use one key only to index data....

> , but I think a way to
> use TDB and act as it is a multi indexed database may be achieved!
> we really need to find data only in 3 ways:
> 1. search for username
> 2. search for rid
> 3. search for uid
> 
> We may implement an interface built this way:
> choose which search is more frequent and store the SAM_ACCOUNT structure
> with a key referencing that: If the searche by username is most frequent
> we store the SAM_ACCOUNT with USER_username key, if the search by RID is
> more frequent we store the SAM_ACCOUNT with RID_userrid.
> 
> Then we build 2 referencing key.
> 
> So USER_username is the entry that contains the SAM_ACCOUNT user
> structure, while RID_userrid and UID_useruid contains a string the point
> to USER_username:
> 
> for user simo, uid 500, rid 012345678 we have:
> USER_simo -> SAM_ACCOUNT
> UID_500 -> USER_simo
> RID_012345678 -> USER_simo

we may also think as a user serial number (maybe used also to generate
unique rids)
for user simo, uid 500, rid 012345678:
account number (in hex) 00100FA1

ACCOUNT_00100FA1 -> SAM_ACCOUNT
USER_simo -> ACCOUNT_00100FA1
UID_500 -> ACCOUNT_00100FA1
RID_012345678 -> USER_simo

this way there is never the possibility to have bad rids or uids to
point incorrect accounts, even if we delete and recreate a new user with
same name and for some reasons UID_* and RID_* does not get updated they
will point to deleted entries (ACCOUNT_* are uniq for db lifetime) and
so they will return an error (and be automatically deleted?)


> 
> what we need to take care is key consistency but, that not a big
> problem.
> If you think it is worth I would take the work to implement this idea!
> 



Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!

More information about the samba-technical mailing list