Modulize Group mapping

Andrew Bartlett abartlet at samba.org
Thu Jun 13 07:34:12 GMT 2002 

"Stefan (metze) Metzmacher" wrote:
> 
> At 09:53 13.06.2002 +0200, Kai Krueger wrote:
> >----- Original Message -----
> >From: "Stefan (metze) Metzmacher" metze at metzemix.de  Sent: Wednesday, June
> >12, 2002 10:43 AM
> >
> > > Hi,
> >
> > > I've startet to make the group mapping code modulized in the way it is
> > done
> > > in the auth and passdb subsystems.
> >
> >I think modularising the group mapping code is a good idea. However I'd
> >prefer to see
> >and would want to help with, a little bit more "radical" approach to the
> >topic. I'd suggest, instead
> >of creating a group _mapping_ api, create a group api.
> 
> nice approach.

I agree, the abstraction fits a bit bettter.


> I would prefer to define a new struct called GROUP_ENTRY
> 
> typedef struct _GROUP_ENTRY {
> 
>          fstring nt_name;

Make that an allocated char *, or even better add a talloc context and
talloc it.

>          fstring comment;
> 
>          DOM_SID sid;
>          gid_t gid;
> 
>          SEC_DES sd;
> 
>          BOOL global;
> 
>          int     members;
>          DOM_SID **member_sids;
> 
>          enum SID_NAME_USE sid_name_use;
> 
>          PRIVILEGE_SET priv_set;
> 
>          /* specify the group mapping backend */
>          struct group_map_methods *methods;
> } GROUP_ENTRY
> 
> >I've included the get_group_sd, because that makes the handling of the
> >builtin domain and aliases
> >easier. The differences between the normal domain and builtin can then be
> >done in higher level
> >functions using the SDs.
> 
> I'm not familiar with SEC_DESC, I need to study this and find out why it
> should be easier to use them...
> 
> Are you on IRC #samba-technical?

I am :-).  BTW, the server is on the irc.openprojects.net network.

I'm quite pleased at the current interest in this area - its nice to see
people working on this stuff again (new blood, new ideas and new
enthusiasm).

Thanks!

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list