More proposed passdb changes: users without local unix uids.
Kevin (HxPro) Wheatley
hxpro at cinesite.co.uk
Wed Jan 9 00:44:04 GMT 2002
Andrew Bartlett wrote:
>
> Jeremy Allison wrote:
> >
> > On Tue, Jan 08, 2002 at 05:12:02PM +1100, Andrew Bartlett wrote:
>
> > > Of course the uid field never makes it to the SAM_ACCOUNT struct, but
> > > this method is backward-compatible (as far as I can tell) because the
> > > smbpasswd format is unchanged (unless you are a site with over 6000
> > > users in smbpasswd, and I highly doubt there are any, given the
> > > performance problems).
> >
> > I'm concerned about this. The reason is that on many
> > sites the users are not allocated in a linear fashion.
> >
> > You can't just assume that users over 6000 are "safe".
> >
> > I'd resist creating users in smbpasswd that don't exist
> > in /etc/passwd. Please don't check this code in yet.
>
> In light of these comments and JF's I'll be making the test 'uid >= 6000
> && !getpwnam(name)'. But as you note in your next e-mail, I've promised
> not to touch anything yet...
we certainly use UIDs near 6000, we have a sparse usage because the
different sites we have have autonomy over a range of UIDs, perhaps a
runtime configurable range with upper and lower bounds may be better, at
least don't hard code 6000 make it a parameter would be my suggestion.
I always find it interesting to see just how long those 'quick hacks'
stay in code because somebody finds it useful :-)
Kevin
--
| Kevin Wheatley | These are the opinions of nobody |
| Technical Services Manager | and are not shared by my employers |
| Cinesite Digital Studios | |
More information about the samba-technical
mailing list