More proposed passdb changes: users without local unix uids.

Kevin (HxPro) Wheatley hxpro at cinesite.co.uk
Wed Jan 9 00:44:04 GMT 2002


Andrew Bartlett wrote:
> 
> Jeremy Allison wrote:
> >
> > On Tue, Jan 08, 2002 at 05:12:02PM +1100, Andrew Bartlett wrote:
> 
> > > Of course the uid field never makes it to the SAM_ACCOUNT struct, but
> > > this method is backward-compatible (as far as I can tell) because the
> > > smbpasswd format is unchanged (unless you are a site with over 6000
> > > users in smbpasswd, and I highly doubt there are any, given the
> > > performance problems).
> >
> > I'm concerned about this. The reason is that on many
> > sites the users are not allocated in a linear fashion.
> >
> > You can't just assume that users over 6000 are "safe".
> >
> > I'd resist creating users in smbpasswd that don't exist
> > in /etc/passwd. Please don't check this code in yet.
> 
> In light of these comments and JF's I'll be making the test 'uid >= 6000
> && !getpwnam(name)'.  But as you note in your next e-mail, I've promised
> not to touch anything yet...

we certainly use UIDs near 6000, we have a sparse usage because the
different sites we have have autonomy over a range of UIDs, perhaps a
runtime configurable range with upper and lower bounds may be better, at
least don't hard code 6000 make it a parameter would be my suggestion.

I always find it interesting to see just how long those 'quick hacks'
stay in code because somebody finds it useful :-)

Kevin

-- 
| Kevin Wheatley             | These are the opinions of nobody   |
| Technical Services Manager | and are not shared by my employers |
| Cinesite Digital Studios   |                                    |




More information about the samba-technical mailing list